From 1779f5c3383f23cd9a6c825bd83874efc0a740a8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 01:36:42 -0600 Subject: [PATCH 01/67] remove extra / --- roles/nginx/templates/dokuwiki-nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nginx/templates/dokuwiki-nginx.conf b/roles/nginx/templates/dokuwiki-nginx.conf index eb05289e5..9bbfe2cf7 100644 --- a/roles/nginx/templates/dokuwiki-nginx.conf +++ b/roles/nginx/templates/dokuwiki-nginx.conf @@ -1,3 +1,3 @@ location {{ dokuwiki_url }} { - proxy_pass http://127.0.0.1:{{ apache_port }}/{{ dokuwiki_url }}; + proxy_pass http://127.0.0.1:{{ apache_port }}{{ dokuwiki_url }}; } From 679790b1e7a58ec1ef50b49dda18861a114b2e06 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 00:54:40 -0600 Subject: [PATCH 02/67] nginx - softcode --- roles/nginx/tasks/main.yml | 6 +++--- roles/nginx/templates/server.conf | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 5c2dee6ed..937e22a27 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -6,7 +6,7 @@ - { src: "server.conf",dest: "/etc/nginx/" } - { src: "nginx.conf",dest: "/etc/nginx/" } - { src: "ports.conf" , dest: "/etc/{{ apache_service }}/" } - - { src: "iiab.conf.j2",dest: "/etc/nginx/conf.d/iiab.conf" } + - { src: "iiab.conf.j2",dest: "{{ nginx_config_dir }}/iiab.conf" } when: nginx_enabled - name: Clean stale config files @@ -14,8 +14,8 @@ state: absent path: '{{ item.path }}' with_items: - - { path: "/etc/nginx/conf.d/usb-lib.conf" } - - { path: "/etc/nginx/conf.d/modules.conf" } + - { path: "{{ nginx_config_dir }}/usb-lib.conf" } + - { path: "{{ nginx_config_dir }}/modules.conf" } - name: Insure that apache2 is not running -- we may need port swap systemd: diff --git a/roles/nginx/templates/server.conf b/roles/nginx/templates/server.conf index e734bde1f..47467aad8 100644 --- a/roles/nginx/templates/server.conf +++ b/roles/nginx/templates/server.conf @@ -10,7 +10,7 @@ server { index index.php index.html index.htm; # let individual services drop location blocks in conf.d - include /etc/nginx/conf.d/*; + include {{ nginx_config_dir }}/*; location ~ .*\.php$ { proxy_set_header X-Real-IP $remote_addr; From adde3b9369b4a5bf1a8448c8a3a6d472057b452d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 00:36:28 -0600 Subject: [PATCH 03/67] awstats - softcode nginx_config_dir --- roles/awstats/tasks/enable.yml | 6 +++--- roles/awstats/tasks/install.yml | 2 -- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index a80db27db..a795d1908 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -19,13 +19,13 @@ group: root mode: 0644 with_items: - - { src: "awstats-nginx.conf", dest: "/etc/nginx/conf.d/" } + - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } - { src: "cgi-bin.php", dest: "/etc/nginx/" } when: awstats_enabled and nginx_enabled -- name: Remove /etc/nginx/conf.d/awstats-nginx.conf +- name: Remove {{ nginx_config_dir }}/awstats-nginx.conf file: - path: /etc/nginx/conf.d/awstats-nginx.conf + path: "{{ nginx_config_dir }}/awstats-nginx.conf" state: absent when: not awstats_enabled diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index ca62368e0..c33addfbb 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -44,8 +44,6 @@ group: root mode: 0644 with_items: -# - { src: "awstats-nginx.conf", dest: "/etc/nginx/conf.d/" } -# - { src: "cgi-bin.php", dest: "/etc/nginx/" } - { src: "apache-awstats.conf", dest: "/etc/{{ apache_config_dir }}/awstats.conf" } when: awstats_enabled and is_debuntu From 4cafb59538bd5393e2c37fb54a950e463e5fa05b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 3 Jan 2020 19:37:41 -0600 Subject: [PATCH 04/67] gitea - softcode nginx_config_dir, adjust restart for nginx --- roles/gitea/tasks/enable.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index 5bfd1d729..909b3b42d 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -26,7 +26,7 @@ src: /etc/{{ apache_config_dir }}/gitea.conf dest: /etc/apache2/sites-enabled/gitea.conf state: link - when: gitea_enabled and is_debuntu + when: gitea_enabled and not nginx_enabled - name: Remove apache httpd conf file (OS's other than debuntu) file: @@ -36,21 +36,19 @@ - name: Remove nginx httpd conf file file: - path: /etc/nginx/conf.d/gitea-nginx.conf + path: "{{ nginx_config_dir }}/gitea-nginx.conf" state: absent when: not gitea_enabled - name: Enable nginx httpd conf file template: src: gitea-nginx.conf.j2 - dest: /etc/nginx/conf.d/gitea-nginx.conf + dest: "{{ nginx_config_dir }}/gitea-nginx.conf" when: gitea_enabled and nginx_enabled -- name: >- - Restart Apache ({{ apache_service }}) to {% if gitea_enabled %}enable{% - else %}disable{% endif %} http://box/gitea +- name: Restart nginx systemd: - name: "{{ apache_service }}" + name: nginx daemon_reload: yes state: restarted From e894d2217a2127109c68564ebee7ff7e1c70ba01 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 3 Jan 2020 12:38:05 -0600 Subject: [PATCH 05/67] move wordpress-nginx.conf to enable.yml, add disable logic --- roles/wordpress/tasks/enable.yml | 21 ++++++++++++++++++++- roles/wordpress/tasks/install.yml | 6 ------ 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index 3796a367b..7621df5e4 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -3,7 +3,7 @@ src: /etc/apache2/sites-available/wordpress.conf path: /etc/apache2/sites-enabled/wordpress.conf state: link - when: wordpress_enabled and is_debuntu + when: wordpress_enabled and not nginx_enabled - name: Remove /etc/apache2/sites-enabled/wordpress.conf if not wordpress_enabled (debuntu) file: @@ -11,10 +11,29 @@ state: absent when: not wordpress_enabled and is_debuntu +- name: Install {{ nginx_config_dir }}/wordpress-nginx.conf from template, for http://box{{ wp_url }} + template: + src: wordpress-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" + when: wordpress_enabled and nginx_enabled + +- name: Remove {{ nginx_config_dir }}/wordpress-nginx.conf if not wordpress_enabled (debuntu) + file: + path: "{{ nginx_config_dir }}/wordpress-nginx.conf" + state: absent + when: not wordpress_enabled and nginx_enabled + - name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ wp_url }} systemd: name: "{{ apache_service }}" state: restarted + when: not nginx_enabled + +- name: Restart nginx service to enable/disable http://box{{ wp_url }} + systemd: + name: nginx + state: restarted + when: nginx_enabled - name: Add 'wordpress' variable values to {{ iiab_ini_file }} ini_file: diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 4bf624f49..239e2ea56 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -101,12 +101,6 @@ dest: "/etc/{{ apache_config_dir }}/wordpress.conf" when: apache_enabled -- name: Install {{ nginx_config_dir }}/wordpress-nginx.conf from template, for http://box{{ wp_url }} - template: - src: wordpress-nginx.conf.j2 - dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" - when: nginx_enabled - - name: Add 'wordpress_installed' variable values to {{ iiab_state_file }} lineinfile: dest: "{{ iiab_state_file }}" From 07996d87b9f1603aae5f0a9dee25b93f5a044ac6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 3 Jan 2020 19:18:32 -0600 Subject: [PATCH 06/67] osm_v_m - softcode nginx_config_dir, adjust reload for nginx --- roles/osm-vector-maps/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index c698e3644..b17f97c2e 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -69,17 +69,17 @@ src: map_functions.js dest: '{{ vector_map_path }}/maplist/assets' -- name: Install /etc/nginx/conf.d/osm-vector-maps.conf from template +- name: Install {{ nginx_config_dir }}/osm-vector-maps.conf from template template: src: osm-vector-maps-nginx.conf - dest: "/etc/nginx/conf.d/osm-vector-maps-nginx.conf" - when: osm_vector_maps_enabled | bool + dest: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" + when: osm_vector_maps_enabled -- name: Remove config /etc/nginx/conf,d/osm-vector-maps.conf (debuntu) +- name: Remove {{ nginx_config_dir }}/osm-vector-maps.conf (debuntu) file: - path: /etc/nginx/conf.d/osm-vector-maps-nginx.conf + path: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" state: absent - when: not osm_vector_maps_enabled | bool + when: not osm_vector_maps_enabled #- name: Does the {{ vector_map_path }}/index.html redirect already exist? # stat: @@ -94,7 +94,7 @@ dest: "{{ vector_map_path }}/index.html" #when: not osm_redirect.stat.exists -- name: Reload Apache service ({{ apache_service }}) # e.g. apache2 +- name: Reload nginx systemd: - name: "{{ apache_service }}" + name: nginx state: reloaded From 3d9bf9c83a8143abe17416c2564fa5d178ce6226 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 3 Jan 2020 19:25:59 -0600 Subject: [PATCH 07/67] sugarizer - softcode nginx_config_dir, add disable logic --- roles/sugarizer/tasks/enable.yml | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index 95db3155f..a7ae534fc 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -3,13 +3,13 @@ src: /etc/apache2/sites-available/sugarizer.conf path: /etc/apache2/sites-enabled/sugarizer.conf state: link - when: sugarizer_enabled | bool and not nginx_enabled | bool + when: sugarizer_enabled and not nginx_enabled - name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled) file: path: /etc/apache2/sites-enabled/sugarizer.conf state: absent - when: not sugarizer_enabled | bool or nginx_enabled | bool + when: not sugarizer_enabled or nginx_enabled - name: "Install sugarizer-nginx.conf (nginx)" template: @@ -19,8 +19,14 @@ owner: root group: root with_items: - - { src: 'sugarizer-nginx.conf', dest: '/etc/nginx/conf.d/sugarizer-nginx.conf' , mode: '0644' } - when: sugarizer_enabled | bool and nginx_enabled | bool + - { src: 'sugarizer-nginx.conf', dest: '{{ nginx_config_dir }}/sugarizer-nginx.conf', mode: '0644' } + when: sugarizer_enabled and nginx_enabled + +- name: Remove {{ nginx_config_dir }}/sugarizer-nginx.conf (if not sugarizer_enabled) + file: + path: "{{ nginx_config_dir }}/sugarizer-nginx.conf" + state: absent + when: not sugarizer_enabled and nginx_enabled # 6. RESTART/STOP SYSTEMD SERVICE @@ -31,7 +37,7 @@ daemon_reload: yes enabled: yes state: restarted - when: sugarizer_enabled | bool + when: sugarizer_enabled - name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled) systemd: @@ -62,7 +68,7 @@ systemd: name: "{{ apache_service }}" # httpd or apache2 state: restarted - when: sugarizer_enabled | bool and not nginx_enabled | bool + when: sugarizer_enabled and not nginx_enabled - name: Restart nginx when enabled systemd: From b7a148de63bbe283863d51936cbaec06f366a3e4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 3 Jan 2020 19:47:25 -0600 Subject: [PATCH 08/67] kiwix - softcode nginx_config_dir, add disable logic --- roles/kiwix/tasks/kiwix_enable.yml | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_enable.yml b/roles/kiwix/tasks/kiwix_enable.yml index 9e0f63f32..cffee2647 100644 --- a/roles/kiwix/tasks/kiwix_enable.yml +++ b/roles/kiwix/tasks/kiwix_enable.yml @@ -3,7 +3,7 @@ src: /etc/apache2/sites-available/kiwix.conf path: /etc/apache2/sites-enabled/kiwix.conf state: link - when: kiwix_enabled | bool and not nginx_enabled | bool + when: kiwix_enabled and not nginx_enabled - name: Install nginx support template: @@ -14,14 +14,20 @@ group: root mode: "{{ item.mode }}" with_items: - - { src: 'kiwix-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf', mode: '0644' } - when: kiwix_enabled | bool and nginx_enabled | bool + - { src: 'kiwix-nginx.conf', dest: '{{ nginx_config_dir }}/kiwix-nginx.conf', mode: '0644' } + when: kiwix_enabled and nginx_enabled - name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf file: path: /etc/apache2/sites-enabled/kiwix.conf state: absent - when: not kiwix_enabled | bool or nginx_enabled | bool + when: not kiwix_enabled or nginx_enabled + +- name: Remove {{ nginx_config_dir }}/kiwix-nginx.conf + file: + path: "{{ nginx_config_dir }}/kiwix-nginx.conf" + state: absent + when: not kiwix_enabled and nginx_enabled - name: Enable & Restart 'kiwix-serve' service systemd: @@ -29,7 +35,7 @@ name: kiwix-serve enabled: yes state: restarted - when: kiwix_enabled | bool + when: kiwix_enabled - name: Disable 'kiwix-serve' service systemd: @@ -59,9 +65,19 @@ when: kiwix_enabled and is_redhat - name: Restart Apache, so it picks up kiwix.conf - service: + systemd: name: "{{ apache_service }}" state: restarted + daemon-reload: yes + when: not nginx_enabled + +- name: Restart nginx service + systemd: + name: nginx + state: restarted + daemon-reload: yes + when: nginx_enabled + # 5. FINALIZE From 61b5800c199a362f77f6233bab35e737494e4b29 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 00:22:47 -0600 Subject: [PATCH 09/67] calibre-web - softcode nginx_config_dir, add disable logic --- roles/calibre-web/tasks/enable.yml | 40 ++++++++++++++---------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 244c8b942..898a08697 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -4,17 +4,7 @@ daemon_reload: yes enabled: yes state: restarted - when: calibreweb_enabled | bool - -# Default: http://box/books -# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy -- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache - command: a2ensite calibre-web.conf - when: calibreweb_enabled | bool - -#- name: Restart Apache after enabling calibre-web httpd2 site -# command: apachectl -k graceful -# when: calibreweb_enabled | bool + when: calibreweb_enabled - name: Disable 'calibre-web' systemd service systemd: @@ -24,15 +14,17 @@ state: stopped when: not calibreweb_enabled +# Default: http://box/books +# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy +- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache + command: a2ensite calibre-web.conf + when: calibreweb_enabled and not nginx_enabled + - name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache command: a2dissite calibre-web.conf - when: not calibreweb_enabled or nginx_enabled | bool + when: not calibreweb_enabled or nginx_enabled | bool and apache_install -#- name: Restart Apache after disabling calibre-web httpd2 site -# command: apachectl -k graceful -# when: not calibreweb_enabled - -- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf +- name: Install {{ nginx_config_dir }}/calibre-web-nginx.conf template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -40,20 +32,26 @@ owner: root group: root with_items: - - { src: 'calibre-web-nginx.conf.j2', dest: '/etc/nginx/conf.d/calibre-web-nginx.conf', mode: '0644' } - when: calibreweb_enabled | bool and nginx_enabled | bool + - { src: 'calibre-web-nginx.conf.j2', dest: '{{ nginx_config_dir }}/calibre-web-nginx.conf', mode: '0644' } + when: calibreweb_enabled and nginx_enabled + +- name: Remove {{ nginx_config_dir }}/calibre-web-nginx.conf + file: + path: {{ nginx_config_dir }}/calibre-web-nginx.conf + state: absent + when: not calibreweb_enabled and nginx_enabled - name: Restart nginx systemd service systemd: name: nginx state: restarted - when: calibreweb_enabled | bool and nginx_enabled | bool + when: calibreweb_enabled and nginx_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" # httpd or apache2 state: restarted - when: not nginx_enabled | bool + when: not nginx_enabled - name: Add 'calibre-web' variable values to {{ iiab_ini_file }} ini_file: From b31c2035a6719e21031f937a957ab1b7b9ce8f3d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 00:29:59 -0600 Subject: [PATCH 10/67] kolibri - softcode nginx_config_dir, add disable logic --- roles/kolibri/tasks/enable.yml | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index b2dca9682..484a9bdee 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -3,11 +3,7 @@ name: kolibri state: started enabled: yes - when: kolibri_enabled | bool - -- name: Enable http://box{{ kolibri_url }} with Apache (a2ensite) if kolibri_enabled # i.e. http://box/kolibri - command: a2ensite kolibri.conf - when: kolibri_enabled | bool and not nginx_enabled | bool + when: kolibri_enabled - name: Disable & Stop 'kolibri' systemd service if not kolibri_enabled systemd: @@ -16,11 +12,15 @@ state: stopped when: not kolibri_enabled +- name: Enable http://box{{ kolibri_url }} with Apache (a2ensite) if kolibri_enabled # i.e. http://box/kolibri + command: a2ensite kolibri.conf + when: kolibri_enabled and not nginx_enabled + - name: Disable http://box{{ kolibri_url }} with Apache (a2dissite) if not kolibri_enabled command: a2dissite kolibri.conf - when: not kolibri_enabled or nginx_enabled | bool + when: not kolibri_enabled or nginx_enabled -- name: Supply /etc/nginx/conf.d/kolibri-nginx.conf when nginx_enabled +- name: Supply {{ nginx_config_dir }}/kolibri-nginx.conf when nginx_enabled template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -28,24 +28,26 @@ owner: root group: root with_items: - - { src: 'kolibri-nginx.conf.j2', dest: '/etc/nginx/conf.d/kolibri-nginx.conf', mode: '0644' } - when: kolibri_enabled | bool and nginx_enabled | bool + - { src: 'kolibri-nginx.conf.j2', dest: '{{ nginx_config_dir }}/kolibri-nginx.conf', mode: '0644' } + when: kolibri_enabled and nginx_enabled -- name: Disable http://box{{ kolibri_url }} with Apache (a2dissite) if not kolibri_enabled - command: a2dissite kolibri.conf - when: not kolibri_enabled or nginx_enabled | bool +- name: Remove {{ nginx_config_dir }}/kolibri-nginx.conf when not nginx_enabled + file: + path: "{{ nginx_config_dir }}/kolibri-nginx.conf" + state: absent + when: not kolibri_enabled and nginx_enabled - name: Restart Apache service ({{ apache_service }}) # e.g. apache2 systemd: name: "{{ apache_service }}" state: restarted - when: not nginx_enabled | bool + when: not nginx_enabled - name: Restart nginx service systemd: name: nginx state: restarted - when: nginx_enabled | bool + when: nginx_enabled - name: Add 'kolibri' variable values to {{ iiab_ini_file }} # /etc/iiab/iiab.ini ini_file: From dfe78fc1b8fa76baf53d33177271dfdb9d2e8de4 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 01:37:37 -0600 Subject: [PATCH 11/67] mediawiki tweaks --- roles/mediawiki/tasks/enable.yml | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/roles/mediawiki/tasks/enable.yml b/roles/mediawiki/tasks/enable.yml index 3b780c43d..8d2370e96 100644 --- a/roles/mediawiki/tasks/enable.yml +++ b/roles/mediawiki/tasks/enable.yml @@ -3,12 +3,24 @@ src: /etc/apache2/sites-available/mediawiki.conf dest: /etc/apache2/sites-enabled/mediawiki.conf state: link - when: mediawiki_enabled and is_debuntu + when: mediawiki_enabled and not nginx_enabled - name: Remove mediawiki.conf if not mediawiki_enabled (debuntu) file: path: /etc/apache2/sites-enabled/mediawiki.conf state: absent + when: not mediawiki_enabled or nginx_enabled + +- name: Install {{ nginx_config_dir }}/mediawiki-nginx.conf from template, for http://box{{ mediawiki_url }} + template: + src: mediawiki-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/mediawiki-nginx.conf" + when: mediawiki_enabled and nginx_enabled + +- name: Remove mediawiki-nginx.conf if not mediawiki_enabled (debuntu) + file: + path: "{{ nginx_config_dir }}/mediawiki-nginx.conf" + state: absent when: not mediawiki_enabled and is_debuntu - name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ mediawiki_url }} @@ -16,24 +28,14 @@ name: "{{ apache_service }}" daemon_reload: yes state: restarted - -- name: Install {{ nginx_config_dir }}/mediawiki-nginx.conf from template, for http://box{{ mediawiki_url }} - template: - src: mediawiki-nginx.conf.j2 - dest: "{{ nginx_config_dir }}/mediawiki-nginx.conf" - when: mediawiki_enabled - -- name: Remove mediawiki-nginx.conf if not mediawiki_enabled (debuntu) - file: - path: "{{ nginx_config_dir }}/mediawiki-nginx.conf" - state: absent - when: not mediawiki_enabled and is_debuntu + when: mediawiki_enabled and not nginx_enabled - name: Restart nginx service to enable/disable http://box{{ mediawiki_url }} systemd: name: nginx daemon_reload: yes state: restarted + when: nginx_enabled - name: Add 'mediawiki' variable values to {{ iiab_ini_file }} ini_file: From c61badf7f69a2e28f82e61c27c992b87f0935966 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 4 Jan 2020 01:40:12 -0600 Subject: [PATCH 12/67] update to current state --- roles/nginx/README.md | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/roles/nginx/README.md b/roles/nginx/README.md index 278b4f14c..eb67feb05 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -4,21 +4,24 @@ 3. Current state (10/16/19) 1. Principal functions migrated to nginx. * Admin Console - * Awstats * kalite -- goes directly to port 8009 - * usb-lib * maps + * usb-lib 2. Dual support - * kiwix -- goes directly to port 3000 + * Awstats * calibre-web + * gitea + * kiwix -- goes directly to port 3000 * kolibri - * sugarizer - 3. Still proxied to Apache * mediawiki + * sugarizer + * wordpress + 3. Still proxied to Apache + * dokuwiki * elgg + * lokole + * moodle * nodered * nextcloud - * wordpress - * moodle 4. Not dealt with yet * archive.org From 995d268bcaa549524f3c541de0a001c0e276e3cb Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 17:13:06 -0500 Subject: [PATCH 13/67] fix: and has precedence over or; "| bool" consistency --- roles/calibre-web/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 898a08697..b817617a6 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -4,7 +4,7 @@ daemon_reload: yes enabled: yes state: restarted - when: calibreweb_enabled + when: calibreweb_enabled | bool - name: Disable 'calibre-web' systemd service systemd: @@ -22,7 +22,7 @@ - name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache command: a2dissite calibre-web.conf - when: not calibreweb_enabled or nginx_enabled | bool and apache_install + when: (not calibreweb_enabled or nginx_enabled) and apache_install - name: Install {{ nginx_config_dir }}/calibre-web-nginx.conf template: From 30379d9cd300c398548b423430e9f9ad78ba2c45 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 17:43:02 -0500 Subject: [PATCH 14/67] Update gitea/tasks/enable.yml for Apache & NGINX --- roles/gitea/tasks/enable.yml | 38 +++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index 909b3b42d..eec91966f 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -1,4 +1,4 @@ -- name: Enable 'gitea' service +- name: Enable 'gitea' systemd service systemd: daemon_reload: yes name: gitea @@ -6,7 +6,7 @@ state: restarted when: gitea_enabled | bool -- name: Disable 'gitea' service +- name: Disable 'gitea' systemd service systemd: daemon_reload: yes name: gitea @@ -14,43 +14,53 @@ state: stopped when: not gitea_enabled -# Configure HTTPD +# Configure Apache -- name: Copy gitea httpd conf file +- name: Remove softlink /etc/apache2/sites-enabled/gitea.conf + file: + path: /etc/apache2/sites-enabled/gitea.conf + state: absent + when: not gitea_enabled or nginx_enabled + +- name: 'Install from template: /etc/{{ apache_config_dir }}/gitea.conf' template: src: gitea.conf.j2 dest: "/etc/{{ apache_config_dir }}/gitea.conf" + when: not nginx_enabled -- name: Enable httpd conf file (apache) +- name: Enable softlink /etc/apache2/sites-enabled/gitea.conf -> /etc/{{ apache_config_dir }}/gitea.conf file: src: /etc/{{ apache_config_dir }}/gitea.conf dest: /etc/apache2/sites-enabled/gitea.conf state: link when: gitea_enabled and not nginx_enabled -- name: Remove apache httpd conf file (OS's other than debuntu) - file: - path: /etc/apache2/sites-enabled/gitea.conf - state: absent - when: not gitea_enabled or nginx_enabled +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # httpd or apache2 + state: restarted + when: not nginx_enabled -- name: Remove nginx httpd conf file +# Configure NGINX + +- name: Remove {{ nginx_config_dir }}/gitea-nginx.conf file: path: "{{ nginx_config_dir }}/gitea-nginx.conf" state: absent - when: not gitea_enabled + when: not gitea_enabled or not nginx_enabled -- name: Enable nginx httpd conf file +- name: 'Install from template: {{ nginx_config_dir }}/gitea-nginx.conf' template: src: gitea-nginx.conf.j2 dest: "{{ nginx_config_dir }}/gitea-nginx.conf" when: gitea_enabled and nginx_enabled -- name: Restart nginx +- name: Restart nginx systemd service systemd: name: nginx daemon_reload: yes state: restarted + when: nginx_enabled | bool # Add Gitea to registry From c6e674c87b49e0fe77613cd6365dd91cf393bd51 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 18:08:02 -0500 Subject: [PATCH 15/67] Update enable.yml --- roles/gitea/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index eec91966f..b71d2b2b4 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -14,7 +14,7 @@ state: stopped when: not gitea_enabled -# Configure Apache +# Apache - name: Remove softlink /etc/apache2/sites-enabled/gitea.conf file: @@ -41,7 +41,7 @@ state: restarted when: not nginx_enabled -# Configure NGINX +# NGINX - name: Remove {{ nginx_config_dir }}/gitea-nginx.conf file: From b02e03a3c5088a4ad8132ade70672bc0925faebf Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 18:18:12 -0500 Subject: [PATCH 16/67] Update awstats/tasks/enable.yml --- roles/awstats/tasks/enable.yml | 64 +++++++++++++++++++++------------- 1 file changed, 39 insertions(+), 25 deletions(-) diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index a795d1908..4f4f9b943 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -1,45 +1,59 @@ -- name: Create symlink awstats.conf from sites-enabled to sites-available (Apache) - file: - src: /etc/apache2/sites-available/awstats.conf - path: /etc/apache2/sites-enabled/awstats.conf - state: link - when: awstats_enabled and not nginx_enabled +# Apache -- name: Remove symlink from sites-enabled, to disable AWStats (Apache) +- name: Remove symlink /etc/apache2/sites-enabled/awstats.conf file: path: /etc/apache2/sites-enabled/awstats.conf state: absent when: not awstats_enabled or nginx_enabled -- name: Install nginx's files from template - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 - with_items: - - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } - - { src: "cgi-bin.php", dest: "/etc/nginx/" } - when: awstats_enabled and nginx_enabled +#- name: 'Install from template: /etc/{{ apache_config_dir }}/awstats.conf' +# template: +# src: apache-awstats.conf +# dest: "/etc/{{ apache_config_dir }}/awstats.conf" +# owner: root # Not nec? Remove? +# group: root # Not nec? Remove? +# mode: 0644 # Not nec? Remove? +# when: not nginx_enabled -- name: Remove {{ nginx_config_dir }}/awstats-nginx.conf +- name: Symlink /etc/apache2/sites-enabled/awstats.conf -> /etc/{{ apache_config_dir }}/awstats.conf file: - path: "{{ nginx_config_dir }}/awstats-nginx.conf" - state: absent - when: not awstats_enabled + src: "/etc/{{ apache_config_dir }}/awstats.conf" + path: /etc/apache2/sites-enabled/awstats.conf + state: link + when: awstats_enabled and not nginx_enabled -- name: Restart Apache service ({{ apache_service }}) +- name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" state: restarted when: awstats_enabled and not nginx_enabled -- name: Restart nginx service +# NGINX + +- name: Remove {{ nginx_config_dir }}/awstats-nginx.conf + file: + path: "{{ nginx_config_dir }}/awstats-nginx.conf" + state: absent + when: not awstats_enabled or not nginx_enabled + +- name: 'Install from template: /etc/nginx/cgi-bin.php, {{ nginx_config_dir }}/awstats-nginx.conf' + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: 0644 # Not nec? Remove? + with_items: + - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } + - { src: "cgi-bin.php", dest: "/etc/nginx/" } + when: awstats_enabled and nginx_enabled + +- name: Restart nginx systemd service systemd: name: nginx + daemon_reload: yes state: restarted - when: awstats_enabled and nginx_enabled + when: nginx_enabled | bool - name: Add 'awstats' variable values to {{ iiab_ini_file }} ini_file: From 7afb4f049ac16e3d76691adb99f1e57efdb5d3f0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 18:18:54 -0500 Subject: [PATCH 17/67] Update gitea/tasks/enable.yml --- roles/gitea/tasks/enable.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index b71d2b2b4..a59af9165 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -28,10 +28,10 @@ dest: "/etc/{{ apache_config_dir }}/gitea.conf" when: not nginx_enabled -- name: Enable softlink /etc/apache2/sites-enabled/gitea.conf -> /etc/{{ apache_config_dir }}/gitea.conf +- name: Softlink /etc/apache2/sites-enabled/gitea.conf -> /etc/{{ apache_config_dir }}/gitea.conf file: src: /etc/{{ apache_config_dir }}/gitea.conf - dest: /etc/apache2/sites-enabled/gitea.conf + path: /etc/apache2/sites-enabled/gitea.conf state: link when: gitea_enabled and not nginx_enabled @@ -66,7 +66,7 @@ - name: Add 'gitea' to list of services at {{ iiab_ini_file }} ini_file: - dest: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" section: gitea option: "{{ item.option }}" value: "{{ item.value }}" From 866275179da0924b309049adc152b270b0ed86cb Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 18:27:42 -0500 Subject: [PATCH 18/67] Update calibre-web/tasks/enable.yml --- roles/calibre-web/tasks/enable.yml | 49 ++++++++++++++++-------------- 1 file changed, 26 insertions(+), 23 deletions(-) diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index b817617a6..e7dcf2364 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -14,6 +14,8 @@ state: stopped when: not calibreweb_enabled +# APACHE + # Default: http://box/books # SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy - name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache @@ -24,35 +26,36 @@ command: a2dissite calibre-web.conf when: (not calibreweb_enabled or nginx_enabled) and apache_install -- name: Install {{ nginx_config_dir }}/calibre-web-nginx.conf - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'calibre-web-nginx.conf.j2', dest: '{{ nginx_config_dir }}/calibre-web-nginx.conf', mode: '0644' } - when: calibreweb_enabled and nginx_enabled - -- name: Remove {{ nginx_config_dir }}/calibre-web-nginx.conf - file: - path: {{ nginx_config_dir }}/calibre-web-nginx.conf - state: absent - when: not calibreweb_enabled and nginx_enabled - -- name: Restart nginx systemd service - systemd: - name: nginx - state: restarted - when: calibreweb_enabled and nginx_enabled - - name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" # httpd or apache2 state: restarted when: not nginx_enabled +# NGINX + +- name: Remove {{ nginx_config_dir }}/calibre-web-nginx.conf + file: + path: "{{ nginx_config_dir }}/calibre-web-nginx.conf" + state: absent + when: not calibreweb_enabled or not nginx_enabled + +- name: 'Install from template: {{ nginx_config_dir }}/calibre-web-nginx.conf' + template: + src: calibre-web-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/calibre-web-nginx.conf" + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: 0644 # Not nec? Remove? + when: calibreweb_enabled and nginx_enabled + +- name: Restart nginx systemd service + systemd: + name: nginx + daemon_reload: yes + state: restarted + when: calibreweb_enabled and nginx_enabled + - name: Add 'calibre-web' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From ccc34891a5c3c19b10a55f71cf6e3ce7909c11f5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 10 Jan 2020 18:31:18 -0500 Subject: [PATCH 19/67] Update kiwix/tasks/kiwix_enable.yml --- roles/kiwix/tasks/kiwix_enable.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_enable.yml b/roles/kiwix/tasks/kiwix_enable.yml index cffee2647..dc83709e1 100644 --- a/roles/kiwix/tasks/kiwix_enable.yml +++ b/roles/kiwix/tasks/kiwix_enable.yml @@ -35,7 +35,7 @@ name: kiwix-serve enabled: yes state: restarted - when: kiwix_enabled + when: kiwix_enabled | bool - name: Disable 'kiwix-serve' service systemd: @@ -64,19 +64,19 @@ dest: /etc/crontab when: kiwix_enabled and is_redhat -- name: Restart Apache, so it picks up kiwix.conf +- name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" - state: restarted daemon-reload: yes + state: restarted when: not nginx_enabled -- name: Restart nginx service +- name: Restart nginx systemd service systemd: name: nginx - state: restarted daemon-reload: yes - when: nginx_enabled + state: restarted + when: nginx_enabled | bool # 5. FINALIZE From b678a072089fee4b71547f5b5fcd481e4b048bff Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 11:35:49 -0500 Subject: [PATCH 20/67] Update and rename kiwix_enable.yml to enable.yml --- .../tasks/{kiwix_enable.yml => enable.yml} | 68 +++++++++---------- 1 file changed, 31 insertions(+), 37 deletions(-) rename roles/kiwix/tasks/{kiwix_enable.yml => enable.yml} (72%) diff --git a/roles/kiwix/tasks/kiwix_enable.yml b/roles/kiwix/tasks/enable.yml similarity index 72% rename from roles/kiwix/tasks/kiwix_enable.yml rename to roles/kiwix/tasks/enable.yml index dc83709e1..599b8c7ff 100644 --- a/roles/kiwix/tasks/kiwix_enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -1,35 +1,4 @@ -- name: Create softlink kiwix.conf from sites-enabled to sites-available - for Kiwix Proxy in Apache - is disabled by turning off service kiwix-serve (debuntu) - file: - src: /etc/apache2/sites-available/kiwix.conf - path: /etc/apache2/sites-enabled/kiwix.conf - state: link - when: kiwix_enabled and not nginx_enabled - -- name: Install nginx support - template: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'kiwix-nginx.conf', dest: '{{ nginx_config_dir }}/kiwix-nginx.conf', mode: '0644' } - when: kiwix_enabled and nginx_enabled - -- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf - file: - path: /etc/apache2/sites-enabled/kiwix.conf - state: absent - when: not kiwix_enabled or nginx_enabled - -- name: Remove {{ nginx_config_dir }}/kiwix-nginx.conf - file: - path: "{{ nginx_config_dir }}/kiwix-nginx.conf" - state: absent - when: not kiwix_enabled and nginx_enabled - -- name: Enable & Restart 'kiwix-serve' service +- name: Enable & Restart 'kiwix-serve' systemd service systemd: daemon_reload: yes name: kiwix-serve @@ -37,13 +6,14 @@ state: restarted when: kiwix_enabled | bool -- name: Disable 'kiwix-serve' service +- name: Disable 'kiwix-serve' systemd service systemd: name: kiwix-serve enabled: no state: stopped when: not kiwix_enabled -# IN THEORY: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" + +# TO DO: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" # In the past kiwix-serve did not stay running, so we'd been doing this hourly. # @mgautierfr & others suggest kiwix-serve might be auto-restarted w/o cron in @@ -64,6 +34,16 @@ dest: /etc/crontab when: kiwix_enabled and is_redhat +# Apache + +- name: Enable http://box/kiwix with Apache proxy + command: a2ensite kiwix.conf + when: kiwix_enabled and not nginx_enabled + +- name: Disable http://box/kiwix with Apache + command: a2dissite calibre-web.conf + when: not kiwix_enabled or nginx_enabled + - name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" @@ -71,6 +51,23 @@ state: restarted when: not nginx_enabled +# NGINX + +- name: 'Install from template: {{ nginx_config_dir }}/kiwix-nginx.conf' + template: + src: kiwix-nginx.conf + dest: "{{ nginx_config_dir }}/kiwix-nginx.conf" + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: kiwix_enabled and nginx_enabled + +- name: Remove {{ nginx_config_dir }}/kiwix-nginx.conf + file: + path: "{{ nginx_config_dir }}/kiwix-nginx.conf" + state: absent + when: not kiwix_enabled or not nginx_enabled + - name: Restart nginx systemd service systemd: name: nginx @@ -78,9 +75,6 @@ state: restarted when: nginx_enabled | bool - -# 5. FINALIZE - - name: Add 'kiwix' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From ab55016f5b817490f201324929d4f480ed1b75e5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 12:01:48 -0500 Subject: [PATCH 21/67] Update roles/kiwix/tasks/main.yml --- roles/kiwix/tasks/main.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index a1ac24b37..8d65b3f04 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -33,12 +33,8 @@ kiwix_force_install: True when: not kiwix_bin.stat.exists or reinstall is defined -- include_tasks: kiwix_install.yml - when: (kiwix_install | bool and not kiwix_installed is defined) or kiwix_force_install | bool - tags: - - kiwix +- include_tasks: install.yml + when: (kiwix_install and not kiwix_installed is defined) or kiwix_force_install -- include_tasks: kiwix_enable.yml - when: kiwix_install | bool or kiwix_installed is defined - tags: - - kiwix +- include_tasks: enable.yml + when: kiwix_enabled # or kiwix_installed is defined From 0af892fc69dd8e3e56e0e1a2132f4e5efa115f4c Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 12:15:37 -0500 Subject: [PATCH 22/67] Update kiwix/defaults/main.yml --- roles/kiwix/defaults/main.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index 0bd23c25a..992d94c5a 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -30,9 +30,11 @@ kiwix_path: "{{ iiab_base }}/kiwix" # /opt/iiab/kiwix # /library/zims contains 3 important things: # - library.xml -# - content directory for all *.zim's -# - index directory for legacy *.zim.idx's +# - content = directory for all *.zim's +# - index = directory for legacy *.zim.idx's kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" -# MOVE FILE /opt/iiab/kiwix/bin/kiwix-serve TO FORCE A REINSTALL OF kiwix-tools +# INSTRUCTIONS TO REINSTALL kiwix (1) VERIFY ITS VARS IN /etc/iiab/local_vars.yml (2) THEN RUN EITHER BELOW... +# - NEW WAY: cd /opt/iiab/iiab; ./runrole --reinstall kiwix +# - OLD WAY: rm /opt/iiab/kiwix/bin/kiwix-serve; cd /opt/iiab/iiab; ./runrole kiwix kiwix_force_install: False From b2674391365f67e1eb37ee86ef848084e679986b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 12:38:37 -0500 Subject: [PATCH 23/67] Update and rename kiwix_install.yml to install.yml --- .../tasks/{kiwix_install.yml => install.yml} | 47 +++++++++---------- 1 file changed, 23 insertions(+), 24 deletions(-) rename roles/kiwix/tasks/{kiwix_install.yml => install.yml} (75%) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/install.yml similarity index 75% rename from roles/kiwix/tasks/kiwix_install.yml rename to roles/kiwix/tasks/install.yml index 1d9ae4c8b..defce47e0 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/install.yml @@ -1,4 +1,5 @@ # 1. CREATE/VERIFY CRITICAL DIRECTORIES & FILES ARE IN PLACE + - name: Download Kiwix software to /opt/iiab/downloads get_url: url: "{{ iiab_download_url }}/{{ kiwix_src_file }}" @@ -14,9 +15,9 @@ - name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files file: path: "{{ item }}" - owner: root - group: root - mode: 0755 + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0755' # Not nec? Remove? state: directory with_items: - "{{ iiab_zim_path }}" @@ -28,47 +29,44 @@ path: "{{ kiwix_library_xml }}" register: kiwix_xml -- name: Install a stub /library/zims/library.xml if one doesn't exist +- name: Install stub /library/zims/library.xml from template, if one doesn't exist template: src: library.xml dest: "{{ kiwix_library_xml }}" - mode: 0644 - owner: root - group: root + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? force: no when: not kiwix_xml.stat.exists -- name: Install {{ iiab_zim_path }}/content/test.zim if kiwix_force_install +- name: Install {{ iiab_zim_path }}/content/test.zim copy: src: test.zim dest: "{{ iiab_zim_path }}/content/test.zim" - mode: 0644 - owner: root - group: root + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? force: no - when: kiwix_force_install | bool - name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin file: path: "{{ kiwix_path }}/bin" - owner: root - group: root - mode: 0755 + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0755' # Not nec? Remove? state: directory -# 2. INSTALL KIWIX-TOOLS EXECUTABLES IF kiwix_force_install +# 2. INSTALL KIWIX-TOOLS EXECUTABLES - name: Unarchive {{ kiwix_src_file }} to /tmp # e.g. kiwix-tools_linux-armhf-0.6.1-1.tar.gz unarchive: src: "{{ downloads_dir }}/{{ kiwix_src_file }}" dest: /tmp - owner: root - group: root - when: kiwix_force_install | bool + owner: root # Not nec? Remove? + group: root # Not nec? Remove? - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" - when: kiwix_force_install | bool # 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU @@ -84,15 +82,14 @@ # - rewrite # when: is_debuntu | bool -# 4. CREATE/ENABLE/RESTART (OR DISABLE) KIWIX SERVICE & ITS CRON JOB +# 4. INSTALL iiab-make-kiwix-lib*, kiwix-serve.service, kiwix.conf for Apache - name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf' template: - backup: no src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root + owner: root # Not nec? Remove? + group: root # Not nec? Remove? mode: "{{ item.mode }}" with_items: - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644'} @@ -100,6 +97,8 @@ - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755'} - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644'} +5. RECORD KIWIX AS INSTALLED + - name: Add 'kiwix_installed' variable values to {{ iiab_state_file }} lineinfile: dest: "{{ iiab_state_file }}" From 8f48ab5654b2faa3ce99e05228e31ed6a981111f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 12:48:09 -0500 Subject: [PATCH 24/67] Update roles/nginx/README.md --- roles/nginx/README.md | 53 ++++++++++++++++++++++--------------------- 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/roles/nginx/README.md b/roles/nginx/README.md index eb67feb05..36184d6e4 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -1,27 +1,28 @@ ### Transition to NGINX -1. Initial testing strategy is to move nginx to port 80, and proxy everything to apache on port 8090-- creating a shim. -2. Without php available via fastcgi, any function at all for php based applications validates nginx. -3. Current state (10/16/19) - 1. Principal functions migrated to nginx. - * Admin Console - * kalite -- goes directly to port 8009 - * maps - * usb-lib - 2. Dual support - * Awstats - * calibre-web - * gitea - * kiwix -- goes directly to port 3000 - * kolibri - * mediawiki - * sugarizer - * wordpress - 3. Still proxied to Apache - * dokuwiki - * elgg - * lokole - * moodle - * nodered - * nextcloud - 4. Not dealt with yet - * archive.org + +1. Initial testing strategy is to move nginx to port 80, and proxy everything to Apache on port 8090 -- creating a shim. +2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX. +3. Current state (2020-01-11) + 1. Principal functions migrated to NGINX + * Admin Console (http://box.lan/admin) + * kalite -- goes directly to port 8009 + * osm-vector-maps + * usb-lib + 2. Dual support + * awstats + * calibre-web + * gitea + * kiwix -- goes directly to port 3000 + * kolibri + * mediawiki + * sugarizer + * wordpress + 3. Still proxied to Apache + * dokuwiki + * elgg + * lokole + * moodle + * nodered + * nextcloud + 4. Not dealt with yet + * internetarchive From 5fb75471c1cb034e1cc253f17fb97149b6dd8229 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 12:59:05 -0500 Subject: [PATCH 25/67] Update roles/nginx/README.md --- roles/nginx/README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/nginx/README.md b/roles/nginx/README.md index 36184d6e4..213874552 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -4,25 +4,25 @@ 2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX. 3. Current state (2020-01-11) 1. Principal functions migrated to NGINX - * Admin Console (http://box.lan/admin) + * Admin Console * kalite -- goes directly to port 8009 + * mediawiki * osm-vector-maps * usb-lib + * wordpress 2. Dual support - * awstats + * awstats ([#2124](https://github.com/iiab/iiab/issues/2124)) * calibre-web * gitea * kiwix -- goes directly to port 3000 * kolibri - * mediawiki * sugarizer - * wordpress 3. Still proxied to Apache - * dokuwiki + * dokuwiki ([#2056](https://github.com/iiab/iiab/issues/2056)) * elgg * lokole * moodle * nodered - * nextcloud - 4. Not dealt with yet - * internetarchive + * nextcloud ([PR #2119](https://github.com/iiab/iiab/pull/2119)) + 4. Not yet dealt with + * internetarchive ([#2120](https://github.com/iiab/iiab/pull/2120)) From 3dc610d33f58e2fcc7b914985fc6b0f6016bf6f1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 13:17:50 -0500 Subject: [PATCH 26/67] Update wordpress/tasks/install.yml --- roles/wordpress/tasks/install.yml | 41 +++++++++++-------------------- 1 file changed, 15 insertions(+), 26 deletions(-) diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 239e2ea56..ac9874da8 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -16,12 +16,12 @@ url: "{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest: "{{ downloads_dir }}" timeout: "{{ download_timeout }}" -# force: yes -# backup: yes + # force: yes + # backup: yes register: wp_download_output when: internet_available | bool -- name: Create symlink from /opt/iiab/downloads/wordpress.tar.gz to {{ wp_download_output.dest }} +- name: Symlink /opt/iiab/downloads/wordpress.tar.gz -> {{ wp_download_output.dest }} file: src: "{{ wp_download_output.dest }}" path: "{{ downloads_dir }}/wordpress.tar.gz" @@ -43,21 +43,10 @@ src: "{{ downloads_dir }}/wordpress.tar.gz" dest: "{{ wp_install_path }}" owner: root - group: "{{ apache_user }}" - mode: 0664 + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0664' keep_newer: yes -# - name: Rename /library/wordpress* to /library/wordpress -# shell: if [ ! -d {{ wp_abs_path }} ]; then mv {{ wp_abs_path }}* {{ wp_abs_path }}; fi - -#- name: Make Apache owner and group, 1st pass permissions set to 0664 -# file: path={{ wp_abs_path }} -# recurse=yes -# owner=root -# group={{ apache_user }} -# mode=0664 -# state=directory - - name: Make /library/wordpress directories 775 so Apache can traverse and write (most files remain 0664) command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +" @@ -65,9 +54,9 @@ copy: src: wp-keys.php.BAK dest: "{{ wp_abs_path }}/wp-keys.php.BAK" - owner: root - group: "{{ apache_user }}" - mode: 0640 + owner: root # Not nec? Remove? + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0640' # Fetch random salts for WordPress config into wp-keys.php file by generating script and running @@ -75,9 +64,9 @@ template: src: get-iiab-wp-salts.j2 dest: /tmp/get-iiab-wp-salts - owner: root - group: root - mode: 0700 + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0700' - name: Run /tmp/get-iiab-wp-salts to create /library/wordpress/wp-keys.php command: /tmp/get-iiab-wp-salts @@ -91,15 +80,15 @@ template: src: wp-config.php.j2 dest: "{{ wp_abs_path }}/wp-config.php" - owner: root - group: "{{ apache_user }}" - mode: 0660 + owner: root # Not nec? Remove? + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0660' - name: Install etc/{{ apache_config_dir }}/wordpress.conf from template, for http://box{{ wp_url }} template: src: wordpress.conf.j2 dest: "/etc/{{ apache_config_dir }}/wordpress.conf" - when: apache_enabled + when: apache_enabled | bool - name: Add 'wordpress_installed' variable values to {{ iiab_state_file }} lineinfile: From 2a11796af043e38c7678080dd31ee7771d2faecd Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 13:56:39 -0500 Subject: [PATCH 27/67] Update kiwix/tasks/enable.yml --- roles/kiwix/tasks/enable.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml index 599b8c7ff..5e08cebfe 100644 --- a/roles/kiwix/tasks/enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -36,37 +36,37 @@ # Apache -- name: Enable http://box/kiwix with Apache proxy +- name: "Enable http://box{{ kiwix_url_without_slash }} via Apache" command: a2ensite kiwix.conf - when: kiwix_enabled and not nginx_enabled + when: apache_install and kiwix_enabled -- name: Disable http://box/kiwix with Apache - command: a2dissite calibre-web.conf - when: not kiwix_enabled or nginx_enabled +- name: "Disable http://box{{ kiwix_url_without_slash }} via Apache" + command: a2dissite kiwix.conf + when: apache_install and not kiwix_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" daemon-reload: yes state: restarted - when: not nginx_enabled + when: apache_enabled | bool # NGINX -- name: 'Install from template: {{ nginx_config_dir }}/kiwix-nginx.conf' +- name: "Enable http://box{{ kiwix_url_without_slash }} via NGINX, by installing {{ nginx_config_dir }}/kiwix-nginx.conf from template" template: src: kiwix-nginx.conf dest: "{{ nginx_config_dir }}/kiwix-nginx.conf" owner: root # Not nec? Remove? group: root # Not nec? Remove? mode: '0644' # Not nec? Remove? - when: kiwix_enabled and nginx_enabled + when: nginx_install and kiwix_enabled -- name: Remove {{ nginx_config_dir }}/kiwix-nginx.conf +- name: "Disable http://box{{ kiwix_url_without_slash }} via NGINX, by removing {{ nginx_config_dir }}/kiwix-nginx.conf" file: path: "{{ nginx_config_dir }}/kiwix-nginx.conf" state: absent - when: not kiwix_enabled or not nginx_enabled + when: nginx_install and not kiwix_enabled - name: Restart nginx systemd service systemd: From 80f9e202ee16fbc3b7ad28866968abb8b6354c68 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 14:00:13 -0500 Subject: [PATCH 28/67] Update wordpress/tasks/enable.yml --- roles/wordpress/tasks/enable.yml | 51 ++++++++++++++++---------------- 1 file changed, 25 insertions(+), 26 deletions(-) diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index 7621df5e4..65b18e616 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -1,39 +1,38 @@ -- name: Create symlink wordpress.conf from sites-enabled to sites-available, if wordpress_enabled (debuntu) - file: - src: /etc/apache2/sites-available/wordpress.conf - path: /etc/apache2/sites-enabled/wordpress.conf - state: link - when: wordpress_enabled and not nginx_enabled +# Apache -- name: Remove /etc/apache2/sites-enabled/wordpress.conf if not wordpress_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/wordpress.conf - state: absent - when: not wordpress_enabled and is_debuntu +- name: "Enable http://box{{ wp_url }} via Apache" + command: a2ensite wordpress.conf + when: apache_install and wordpress_enabled -- name: Install {{ nginx_config_dir }}/wordpress-nginx.conf from template, for http://box{{ wp_url }} - template: - src: wordpress-nginx.conf.j2 - dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" - when: wordpress_enabled and nginx_enabled +- name: "Disable http://box{{ wp_url }} via Apache" + command: a2dissite wordpress.conf + when: apache_install and not wordpress_enabled -- name: Remove {{ nginx_config_dir }}/wordpress-nginx.conf if not wordpress_enabled (debuntu) - file: - path: "{{ nginx_config_dir }}/wordpress-nginx.conf" - state: absent - when: not wordpress_enabled and nginx_enabled - -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ wp_url }} +- name: Restart Apache systems service ({{ apache_service }}) systemd: name: "{{ apache_service }}" state: restarted - when: not nginx_enabled + when: apache_enabled | bool -- name: Restart nginx service to enable/disable http://box{{ wp_url }} +# NGINX + +- name: "Enable http://box{{ wp_url }} via NGINX, by installing {{ nginx_config_dir }}/wordpress-nginx.conf from template" + template: + src: wordpress-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" + when: nginx_install and wordpress_enabled + +- name: "Disable http://box{{ wp_url }} via NGINX, by removing {{ nginx_config_dir }}/wordpress-nginx.conf" + file: + path: "{{ nginx_config_dir }}/wordpress-nginx.conf" + state: absent + when: nginx_install and not wordpress_enabled + +- name: Restart nginx systemd service systemd: name: nginx state: restarted - when: nginx_enabled + when: nginx_enabled | bool - name: Add 'wordpress' variable values to {{ iiab_ini_file }} ini_file: From c18248fdaa2fab4d4c1217a25a607e1a69cdd2f6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 14:11:22 -0500 Subject: [PATCH 29/67] Update wordpress/tasks/enable.yml --- roles/wordpress/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index 65b18e616..a9ef41d7d 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -8,7 +8,7 @@ command: a2dissite wordpress.conf when: apache_install and not wordpress_enabled -- name: Restart Apache systems service ({{ apache_service }}) +- name: Restart Apache systemd service ({{ apache_service }}) systemd: name: "{{ apache_service }}" state: restarted From 509d7421e6b35f28906cc7d57ab239d3b33cb1d5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 14:54:58 -0500 Subject: [PATCH 30/67] Update only_nginx.yml --- roles/nginx/tasks/only_nginx.yml | 121 ++++++++++++++----------------- 1 file changed, 56 insertions(+), 65 deletions(-) diff --git a/roles/nginx/tasks/only_nginx.yml b/roles/nginx/tasks/only_nginx.yml index 127c357b8..cf343bae5 100644 --- a/roles/nginx/tasks/only_nginx.yml +++ b/roles/nginx/tasks/only_nginx.yml @@ -3,130 +3,121 @@ path: /etc/apache2/sites-enabled/awstats.conf state: absent -- name: Install nginx support for awstats if awstats_enabled - copy: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/awstats/templates/awstats-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf' , mode: '0644' } - when: awstats_enabled +- name: Install /etc/nginx/conf.d/awstats-nginx.conf from template, if awstats_enabled + template: + src: roles/awstats/templates/awstats-nginx.conf + dest: /etc/nginx/conf.d/awstats-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: awstats_enabled | bool -- name: Remove nginx support for AWStats +- name: Remove NGINX support for AWStats, if not awstats_enabled file: path: /etc/nginx/conf.d/awstats-nginx.conf state: absent when: not awstats_enabled + - name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf file: path: /etc/apache2/sites-enabled/kiwix.conf state: absent -- name: Install nginx support for kiwix if kiwix_enabled - copy: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/kiwix/templates/kiwix-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf' , mode: '0644' } +- name: Install /etc/nginx/conf.d/kiwix-nginx.conf from template, if kiwix_enabled + template: + src: roles/kiwix/templates/kiwix-nginx.conf + dest: /etc/nginx/conf.d/kiwix-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? when: kiwix_enabled | bool -- name: Remove nginx support for kiwix +- name: Remove NGINX support for Kiwix, if not kiwix_enabled file: path: /etc/nginx/conf.d/kiwix-nginx.conf state: absent - when: not kiwix_enabled | bool + when: not kiwix_enabled + - name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf file: path: /etc/apache2/sites-enabled/sugarizer.conf state: absent -- name: "Install sugarizer-nginx.conf (nginx) if sugarizer_enabled" +- name: Install /etc/nginx/conf.d/sugarizer-nginx.conf from template, if sugarizer_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/sugarizer/templates/sugarizer-nginx.conf', dest: '/etc/nginx/conf.d/sugarizer-nginx.conf', mode: '0644' } + src: roles/sugarizer/templates/sugarizer-nginx.conf + dest: /etc/nginx/conf.d/sugarizer-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? when: sugarizer_enabled | bool -- name: Remove nginx support for sugarizer +- name: Remove NGINX support for Sugarizer, if not sugarizer_enabled file: path: /etc/nginx/conf.d/sugarizer-nginx.conf state: absent - when: not sugarizer_enabled | bool + when: not sugarizer_enabled -- name: Remove /etc/apache2/sites-enabled/kolibri.conf + +- name: Remove symlink /etc/apache2/sites-enabled/kolibri.conf file: path: /etc/apache2/sites-enabled/kolibri.conf state: absent -- name: Supply /etc/nginx/conf.d/kolibri-nginx.conf when kolibri_enabled +- name: Install /etc/nginx/conf.d/kolibri-nginx.conf from template, if kolibri_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/kolibri/templates/kolibri-nginx.conf.j2', dest: '/etc/nginx/conf.d/kolibri-nginx.conf', mode: '0644' } + src: roles/kolibri/templates/kolibri-nginx.conf.j2 + dest: /etc/nginx/conf.d/kolibri-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? when: kolibri_enabled | bool -- name: Remove nginx support for kolibri when not kolibri_enabled +- name: Remove NGINX support for Kolibri, if not kolibri_enabled file: path: /etc/nginx/conf.d/kolibri-nginx.conf state: absent - when: not kolibri_enabled | bool + when: not kolibri_enabled + - name: Remove symlink /etc/apache2/sites-enabled/calibre-web.conf file: path: /etc/apache2/sites-enabled/calibre-web.conf state: absent -- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf +- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf from template, if calibreweb_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'roles/calibre-web/templates/calibre-web-nginx.conf.j2', dest: '/etc/nginx/conf.d/calibre-web-nginx.conf', mode: '0644' } - when: calibreweb_enabled + src: roles/calibre-web/templates/calibre-web-nginx.conf.j2 + dest: /etc/nginx/conf.d/calibre-web-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: calibreweb_enabled | bool -- name: Remove nginx support for Calibre-Web +- name: Remove NGINX support for Calibre-Web, if not calibreweb_enabled file: path: /etc/nginx/conf.d/calibre-web-nginx.conf state: absent when: not calibreweb_enabled + - name: Remove symlink /etc/apache2/sites-enabled/gitea.conf file: path: /etc/apache2/sites-enabled/gitea.conf state: absent -- name: Install /etc/nginx/conf.d/gitea-nginx.conf +- name: Install /etc/nginx/conf.d/gitea-nginx.conf from template, if gitea_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'roles/gitea/templates/gitea-nginx.conf.j2', dest: '/etc/nginx/conf.d/gitea-nginx.conf', mode: '0644' } - when: gitea_enabled + src: roles/gitea/templates/gitea-nginx.conf.j2 + dest: /etc/nginx/conf.d/gitea-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: gitea_enabled | bool -- name: Remove nginx support for Gitea +- name: Remove NGINX support for Gitea, if not gitea_enabled file: path: /etc/nginx/conf.d/gitea-nginx.conf state: absent From d8e4a9f05e4cee9d937a545ca0fef2b325d7f5d7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 15:02:51 -0500 Subject: [PATCH 31/67] Update uses_apache.yml --- roles/nginx/tasks/uses_apache.yml | 47 +++++++++++++++---------------- 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/roles/nginx/tasks/uses_apache.yml b/roles/nginx/tasks/uses_apache.yml index 91bf27e4a..d35a150bb 100644 --- a/roles/nginx/tasks/uses_apache.yml +++ b/roles/nginx/tasks/uses_apache.yml @@ -1,29 +1,29 @@ -- name: Install nginx's config file from template, if moodle_enabled +- name: Install /etc/nginx/conf.d/moodle-nginx.conf from template, if moodle_enabled template: src: moodle-nginx.conf.j2 - dest: "/etc/nginx/conf.d/moodle-nginx.conf" - owner: root - group: root - mode: 0644 - when: moodle_enabled + dest: /etc/nginx/conf.d/moodle-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: moodle_enabled | bool -- name: Install /etc/nginx/conf.d/dokuwiki-nginx.conf from template +- name: Install /etc/nginx/conf.d/dokuwiki-nginx.conf from template, if dokuwiki_enabled template: src: dokuwiki-nginx.conf dest: /etc/nginx/conf.d/dokuwiki-nginx.conf - when: dokuwiki_enabled + when: dokuwiki_enabled | bool -- name: Install /etc/nginx/conf.d/elgg-nginx.conf from template +- name: Install /etc/nginx/conf.d/elgg-nginx.conf from template, if elgg_enabled template: src: elgg-nginx.conf - dest: "/etc/nginx/conf.d/elgg-nginx.conf" - when: elgg_enabled + dest: /etc/nginx/conf.d/elgg-nginx.conf + when: elgg_enabled | bool -- name: Install /etc/nginx/lokole-nginx.conf from template +- name: Install /etc/nginx/conf.d/lokole-nginx.conf from template, if lokole_enabled template: src: lokole-nginx.conf.j2 - dest: "/etc/nginx/conf.d/lokole-nginx.conf" - when: lokole_enabled + dest: /etc/nginx/conf.d/lokole-nginx.conf + when: lokole_enabled | bool # mediawiki and wordpress are no longer proxied @@ -39,20 +39,19 @@ # dest: /etc/nginx/conf.d/ # when: wordpress_enabled -- name: Install Nextcloud's nginx conf.d file from template +- name: Install /etc/nginx/conf.d/nextcloud-nginx.conf from template, if nextcloud_enabled template: - src: nextcloud-nginx.conf - dest: /etc/nginx/conf.d/nextcloud-nginx.conf - when: nextcloud_enabled + src: nextcloud-nginx.conf + dest: /etc/nginx/conf.d/nextcloud-nginx.conf + when: nextcloud_enabled | bool -- name: Install NodeRed's nginx conf.d file from template +- name: Install /etc/nginx/conf.d/nodered-nginx.conf from template, if nodered_enabled template: src: nodered-nginx.conf.j2 dest: /etc/nginx/conf.d/nodered-nginx.conf - owner: root - group: root - mode: 0666 - when: nodered_enabled + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0666' + when: nodered_enabled | bool #- name: Install proxpass to apache running on localhost - From 0b11126ee008db5d44cba154fae3f4bd0992af30 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 15:11:38 -0500 Subject: [PATCH 32/67] Update nginx/tasks/main.yml --- roles/nginx/tasks/main.yml | 46 +++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 937e22a27..a85c08855 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,32 +1,32 @@ -- name: Put the config file in place +- name: "Install from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, {{ nginx_config_dir }}/iiab.conf" template: - src: '{{ item.src}}' - dest: '{{ item.dest }}' + src: "{{ item.src}}" + dest: "{{ item.dest }}" with_items: - - { src: "server.conf",dest: "/etc/nginx/" } - - { src: "nginx.conf",dest: "/etc/nginx/" } - - { src: "ports.conf" , dest: "/etc/{{ apache_service }}/" } - - { src: "iiab.conf.j2",dest: "{{ nginx_config_dir }}/iiab.conf" } - when: nginx_enabled + - { src: "server.conf", dest: "/etc/nginx/" } + - { src: "nginx.conf", dest: "/etc/nginx/" } + - { src: "ports.conf", dest: "/etc/{{ apache_service }}/" } + - { src: "iiab.conf.j2", dest: "{{ nginx_config_dir }}/iiab.conf" } + when: nginx_enabled | bool -- name: Clean stale config files +- name: Remove stale files (usb-lib.conf, modules.conf) from {{ nginx_config_dir }} file: state: absent - path: '{{ item.path }}' + path: "{{ item.path }}" with_items: - { path: "{{ nginx_config_dir }}/usb-lib.conf" } - { path: "{{ nginx_config_dir }}/modules.conf" } -- name: Insure that apache2 is not running -- we may need port swap +- name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap systemd: - name: apache2 + name: "{{ apache_service }}" state: stopped # the below slides in nginx's proxypass config files for apache on localhost # via the ports.conf file installed above -- name: Install proxpass to apache running on localhost port {{ apache_port }} +- name: Install proxpass to Apache running on localhost port {{ apache_port }} include_tasks: uses_apache.yml - when: nginx_enabled + when: nginx_enabled | bool # the below task contains the same logic contained in the playbooks to enable # 'runrole nginx' to do the right thing but with the 'src' path set to role's @@ -34,9 +34,9 @@ - name: Install proxpass to other services 'dual mode' roles include_tasks: only_nginx.yml - when: nginx_enabled + when: nginx_enabled | bool -- name: Stop and disable nginx when not nginx_enabled +- name: Stop and disable NGINX when not nginx_enabled systemd: name: nginx state: stopped @@ -50,21 +50,21 @@ when: not nginx_enabled # should have the logic to handle both modes in the playbook -- name: Enable Apache (a2ensite) for 'dual mode' for the role when NGINX is diabled +- name: Enable Apache (a2ensite) for 'dual mode' for the role when NGINX is disabled include_tasks: disable.yml when: not nginx_enabled -- name: Since we stopped apache2, start it again +- name: Enable & Restart Apache, since we stopped it ({{ apache_service }}) systemd: - name: apache2 + name: "{{ apache_service }}" + daemon_reload: yes state: restarted enabled: true - daemon_reload: yes - when: apache_enabled + when: apache_enabled | bool -- name: Restart nginx to pick up the config files installed +- name: Enable & Restart NGINX, to pick up the config files installed systemd: name: nginx state: restarted enabled: true - when: nginx_enabled + when: nginx_enabled | bool From 4adf4ebd6cdd1779e1c884ee4948b5192c89555f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 15:22:52 -0500 Subject: [PATCH 33/67] Update osm-vector-maps/tasks/main.yml --- roles/osm-vector-maps/tasks/main.yml | 30 ++++++++++++++-------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index b17f97c2e..1eb1299e0 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -1,15 +1,15 @@ - name: Ensure directory {{ vector_map_path }}/maplist/assets exists file: - path: '{{ vector_map_path }}/maplist/assets' + path: "{{ vector_map_path }}/maplist/assets" state: directory - owner: '{{ apache_user }}' - group: '{{ apache_user }}' + owner: "{{ apache_user }}" + group: "{{ apache_user }}" mode: '0755' - name: Download map catalog {{ iiab_map_url }}/assets/regions.json to {{ vector_map_path }}/maplist/assets/ get_url: url: "{{ iiab_map_url }}/assets/regions.json" - dest: '{{ vector_map_path }}/maplist/assets/' + dest: "{{ vector_map_path }}/maplist/assets/" - name: Symlink catalog {{ doc_root }}/common/assets/regions.json -> {{ vector_map_path }}/maplist/assets/regions.json file: @@ -20,19 +20,19 @@ - name: Download the JavaScript bundle with OpenLayers (main.js) for test page http://box/maps/maplist get_url: url: "{{ iiab_map_url }}/../main.js" - dest: '{{ vector_map_path }}/maplist/' + dest: "{{ vector_map_path }}/maplist/" - name: Install {{ vector_map_path }}/maplist/index.html from template, for test page http://box/maps/maplist template: - src: "index.html" - dest: '{{ vector_map_path }}/maplist/index.html' + src: index.html + dest: "{{ vector_map_path }}/maplist/index.html" # Bboxes (bounding boxes) are currently square. But geofabrik has non-rectangular bboxes. # So bring the bounding box definition from cloud (bboxes.geojson is big) - name: Download bounding box definitions (bboxes.geojson) to {{ vector_map_path }}/maplist/assets/ get_url: url: "{{ iiab_map_url }}/assets/bboxes.geojson" - dest: '{{ vector_map_path }}/maplist/assets/' + dest: "{{ vector_map_path }}/maplist/assets/" # REMOVE this stanza once the transition to Python 3 is confirmed #- name: Install python-geojson package (OS's prior to Ubuntu 19.10) @@ -48,11 +48,11 @@ # name: python3-geojson # 2019-10-19: available across most/all recent # state: present # OS's, but not yet used by osm-vector-maps code? -- name: Install /usr/bin/iiab-update-map for updating of Map Pack catalog & descriptions +- name: Install /usr/bin/iiab-update-map from template, for updating of Map Pack catalog & descriptions template: src: iiab-update-map dest: /usr/bin/iiab-update-map - mode: "0755" + mode: '0755' # This depends on iiab-admin-console which is not yet installed #- name: Run the script that does osm-vector-maps housekeeping @@ -61,21 +61,21 @@ - name: Copy countries.json (geojson) to {{ vector_map_path }}/maplist/assets copy: src: countries.json - dest: '{{ vector_map_path }}/maplist/assets' + dest: "{{ vector_map_path }}/maplist/assets" # It is too complicated to use a single file for both iiab and admin-console - name: Copy the duplicated JavaScript (map_functions.js) to {{ vector_map_path }}/maplist/assets copy: src: map_functions.js - dest: '{{ vector_map_path }}/maplist/assets' + dest: "{{ vector_map_path }}/maplist/assets" - name: Install {{ nginx_config_dir }}/osm-vector-maps.conf from template template: src: osm-vector-maps-nginx.conf dest: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" - when: osm_vector_maps_enabled + when: osm_vector_maps_enabled | bool -- name: Remove {{ nginx_config_dir }}/osm-vector-maps.conf (debuntu) +- name: Remove {{ nginx_config_dir }}/osm-vector-maps.conf file: path: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" state: absent @@ -94,7 +94,7 @@ dest: "{{ vector_map_path }}/index.html" #when: not osm_redirect.stat.exists -- name: Reload nginx +- name: Reload 'nginx' systemd service systemd: name: nginx state: reloaded From 5a792c3b7ce850b3f06a385eec60003508cb8bf8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 15:46:30 -0500 Subject: [PATCH 34/67] Update sugarizer/tasks/enable.yml --- roles/sugarizer/tasks/enable.yml | 89 +++++++++++--------------------- 1 file changed, 31 insertions(+), 58 deletions(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index a7ae534fc..fddb42d36 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -1,81 +1,54 @@ -- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URLs http://box/sugar & http://box/sugarizer (if sugarizer_enabled) - file: - src: /etc/apache2/sites-available/sugarizer.conf - path: /etc/apache2/sites-enabled/sugarizer.conf - state: link - when: sugarizer_enabled and not nginx_enabled - -- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled) - file: - path: /etc/apache2/sites-enabled/sugarizer.conf - state: absent - when: not sugarizer_enabled or nginx_enabled - -- name: "Install sugarizer-nginx.conf (nginx)" - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'sugarizer-nginx.conf', dest: '{{ nginx_config_dir }}/sugarizer-nginx.conf', mode: '0644' } - when: sugarizer_enabled and nginx_enabled - -- name: Remove {{ nginx_config_dir }}/sugarizer-nginx.conf (if not sugarizer_enabled) - file: - path: "{{ nginx_config_dir }}/sugarizer-nginx.conf" - state: absent - when: not sugarizer_enabled and nginx_enabled - -# 6. RESTART/STOP SYSTEMD SERVICE - -# with "systemctl daemon-reload" in case mongodb.service changed, etc -- name: Enable & Restart 'sugarizer' systemd service (if sugarizer_enabled) +- name: Enable & Restart 'sugarizer' systemd service systemd: name: sugarizer - daemon_reload: yes + daemon_reload: yes # in case mongodb.service changed, etc enabled: yes state: restarted when: sugarizer_enabled -- name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled) +- name: Disable & Stop 'sugarizer' systemd service systemd: name: sugarizer - daemon_reload: yes enabled: no state: stopped when: not sugarizer_enabled -#- name: Enable services (all OS's) -# service: -# name: "{{ item.name }}" -# enabled: yes -# state: restarted -# with_items: -## - { name: mongodb } # 2018-07-14: NICE TRY, but still doesn't bring http://box:8089 to life reliably, as a reboot usually does! (Is a "systemctl daemon-reload" or some such nec?) -# - { name: sugarizer } -# when: sugarizer_enabled | bool +# Apache -#- name: Disable service (all OS's) -# service: -# name: sugarizer -# enabled: no -# state: stopped -# when: not sugarizer_enabled +- name: Enable http://box/sugarizer & http://box/sugar via Apache + command: a2ensite sugarizer.conf + when: apache_install and sugarizer_enabled -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box/sugarizer (not just http://box:{{ sugarizer_port }}) +- name: Disable http://box/sugarizer via Apache + command: a2dissite sugarizer.conf + when: apache_install and not sugarizer_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" # httpd or apache2 + name: "{{ apache_service }}" state: restarted - when: sugarizer_enabled and not nginx_enabled + when: apache_enabled | bool -- name: Restart nginx when enabled +# NGINX + +- name: "Enable http://box/sugarizer via NGINX, by installing {{ nginx_config_dir }}/sugarizer-nginx.conf from template" + template: + src: sugarizer-nginx.conf + dest: "{{ nginx_config_dir }}/sugarizer-nginx.conf" + when: nginx_install and sugarizer_enabled + +- name: "Disable http://box/sugarizer via NGINX, by removing {{ nginx_config_dir }}/sugarizer-nginx.conf" + file: + path: "{{ nginx_config_dir }}/sugarizer-nginx.conf" + state: absent + when: nginx_install and not sugarizer_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted - daemon_reload: yes - when: sugarizer_enabled and nginx_enabled + when: nginx_enabled | bool + - name: Add 'sugarizer' variable values to {{ iiab_ini_file }} ini_file: From 63af4c87cd5b041bed6a89ef2e212140ada7cc6b Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:00:32 -0500 Subject: [PATCH 35/67] Alphabetical order for 6 svcs in nginx/tasks/only_nginx.yml --- roles/nginx/tasks/only_nginx.yml | 126 +++++++++++++++---------------- 1 file changed, 63 insertions(+), 63 deletions(-) diff --git a/roles/nginx/tasks/only_nginx.yml b/roles/nginx/tasks/only_nginx.yml index cf343bae5..63583f74d 100644 --- a/roles/nginx/tasks/only_nginx.yml +++ b/roles/nginx/tasks/only_nginx.yml @@ -19,69 +19,6 @@ when: not awstats_enabled -- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf - file: - path: /etc/apache2/sites-enabled/kiwix.conf - state: absent - -- name: Install /etc/nginx/conf.d/kiwix-nginx.conf from template, if kiwix_enabled - template: - src: roles/kiwix/templates/kiwix-nginx.conf - dest: /etc/nginx/conf.d/kiwix-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? - when: kiwix_enabled | bool - -- name: Remove NGINX support for Kiwix, if not kiwix_enabled - file: - path: /etc/nginx/conf.d/kiwix-nginx.conf - state: absent - when: not kiwix_enabled - - -- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf - file: - path: /etc/apache2/sites-enabled/sugarizer.conf - state: absent - -- name: Install /etc/nginx/conf.d/sugarizer-nginx.conf from template, if sugarizer_enabled - template: - src: roles/sugarizer/templates/sugarizer-nginx.conf - dest: /etc/nginx/conf.d/sugarizer-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? - when: sugarizer_enabled | bool - -- name: Remove NGINX support for Sugarizer, if not sugarizer_enabled - file: - path: /etc/nginx/conf.d/sugarizer-nginx.conf - state: absent - when: not sugarizer_enabled - - -- name: Remove symlink /etc/apache2/sites-enabled/kolibri.conf - file: - path: /etc/apache2/sites-enabled/kolibri.conf - state: absent - -- name: Install /etc/nginx/conf.d/kolibri-nginx.conf from template, if kolibri_enabled - template: - src: roles/kolibri/templates/kolibri-nginx.conf.j2 - dest: /etc/nginx/conf.d/kolibri-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? - when: kolibri_enabled | bool - -- name: Remove NGINX support for Kolibri, if not kolibri_enabled - file: - path: /etc/nginx/conf.d/kolibri-nginx.conf - state: absent - when: not kolibri_enabled - - - name: Remove symlink /etc/apache2/sites-enabled/calibre-web.conf file: path: /etc/apache2/sites-enabled/calibre-web.conf @@ -122,3 +59,66 @@ path: /etc/nginx/conf.d/gitea-nginx.conf state: absent when: not gitea_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf + file: + path: /etc/apache2/sites-enabled/kiwix.conf + state: absent + +- name: Install /etc/nginx/conf.d/kiwix-nginx.conf from template, if kiwix_enabled + template: + src: roles/kiwix/templates/kiwix-nginx.conf + dest: /etc/nginx/conf.d/kiwix-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: kiwix_enabled | bool + +- name: Remove NGINX support for Kiwix, if not kiwix_enabled + file: + path: /etc/nginx/conf.d/kiwix-nginx.conf + state: absent + when: not kiwix_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/kolibri.conf + file: + path: /etc/apache2/sites-enabled/kolibri.conf + state: absent + +- name: Install /etc/nginx/conf.d/kolibri-nginx.conf from template, if kolibri_enabled + template: + src: roles/kolibri/templates/kolibri-nginx.conf.j2 + dest: /etc/nginx/conf.d/kolibri-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: kolibri_enabled | bool + +- name: Remove NGINX support for Kolibri, if not kolibri_enabled + file: + path: /etc/nginx/conf.d/kolibri-nginx.conf + state: absent + when: not kolibri_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf + file: + path: /etc/apache2/sites-enabled/sugarizer.conf + state: absent + +- name: Install /etc/nginx/conf.d/sugarizer-nginx.conf from template, if sugarizer_enabled + template: + src: roles/sugarizer/templates/sugarizer-nginx.conf + dest: /etc/nginx/conf.d/sugarizer-nginx.conf + owner: root # Not nec? Remove? + group: root # Not nec? Remove? + mode: '0644' # Not nec? Remove? + when: sugarizer_enabled | bool + +- name: Remove NGINX support for Sugarizer, if not sugarizer_enabled + file: + path: /etc/nginx/conf.d/sugarizer-nginx.conf + state: absent + when: not sugarizer_enabled From acfe65f9d7093156eb6bcd96d486fb0807a4bd85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:07:39 -0500 Subject: [PATCH 36/67] Alphabetical order for 6 svcs in nginx/tasks/uses_apache.yml --- roles/nginx/tasks/uses_apache.yml | 43 ++++++++++++++----------------- 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/roles/nginx/tasks/uses_apache.yml b/roles/nginx/tasks/uses_apache.yml index d35a150bb..41725fc90 100644 --- a/roles/nginx/tasks/uses_apache.yml +++ b/roles/nginx/tasks/uses_apache.yml @@ -1,12 +1,3 @@ -- name: Install /etc/nginx/conf.d/moodle-nginx.conf from template, if moodle_enabled - template: - src: moodle-nginx.conf.j2 - dest: /etc/nginx/conf.d/moodle-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? - when: moodle_enabled | bool - - name: Install /etc/nginx/conf.d/dokuwiki-nginx.conf from template, if dokuwiki_enabled template: src: dokuwiki-nginx.conf @@ -25,6 +16,25 @@ dest: /etc/nginx/conf.d/lokole-nginx.conf when: lokole_enabled | bool +- name: Install /etc/nginx/conf.d/moodle-nginx.conf from template, if moodle_enabled + template: + src: moodle-nginx.conf.j2 + dest: /etc/nginx/conf.d/moodle-nginx.conf + when: moodle_enabled | bool + +- name: Install /etc/nginx/conf.d/nextcloud-nginx.conf from template, if nextcloud_enabled + template: + src: nextcloud-nginx.conf + dest: /etc/nginx/conf.d/nextcloud-nginx.conf + when: nextcloud_enabled | bool + +- name: Install /etc/nginx/conf.d/nodered-nginx.conf from template, if nodered_enabled + template: + src: nodered-nginx.conf.j2 + dest: /etc/nginx/conf.d/nodered-nginx.conf + # mode: '0666' + when: nodered_enabled | bool + # mediawiki and wordpress are no longer proxied #- name: Install MediaWiki's nginx conf.d file from template @@ -39,19 +49,4 @@ # dest: /etc/nginx/conf.d/ # when: wordpress_enabled -- name: Install /etc/nginx/conf.d/nextcloud-nginx.conf from template, if nextcloud_enabled - template: - src: nextcloud-nginx.conf - dest: /etc/nginx/conf.d/nextcloud-nginx.conf - when: nextcloud_enabled | bool - -- name: Install /etc/nginx/conf.d/nodered-nginx.conf from template, if nodered_enabled - template: - src: nodered-nginx.conf.j2 - dest: /etc/nginx/conf.d/nodered-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0666' - when: nodered_enabled | bool - #- name: Install proxpass to apache running on localhost From 735a55a0edf0358f108afcf63588c7941486977f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:08:26 -0500 Subject: [PATCH 37/67] Update roles/nginx/README.md --- roles/nginx/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nginx/README.md b/roles/nginx/README.md index 213874552..08bbd8878 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -10,14 +10,14 @@ * osm-vector-maps * usb-lib * wordpress - 2. Dual support + 2. Dual support, see: https://github.com/iiab/iiab/blob/master/roles/nginx/tasks/only_nginx.yml * awstats ([#2124](https://github.com/iiab/iiab/issues/2124)) * calibre-web * gitea * kiwix -- goes directly to port 3000 * kolibri * sugarizer - 3. Still proxied to Apache + 3. Still proxied to Apache, see: https://github.com/iiab/iiab/blob/master/roles/nginx/tasks/uses_apache.yml * dokuwiki ([#2056](https://github.com/iiab/iiab/issues/2056)) * elgg * lokole From d9ae9c95a50cbb627e1b127ac080be9a558186df Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:21:30 -0500 Subject: [PATCH 38/67] http://box/sugar too, in sugarizer/tasks/enable.yml --- roles/sugarizer/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index fddb42d36..da369cc9f 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -19,7 +19,7 @@ command: a2ensite sugarizer.conf when: apache_install and sugarizer_enabled -- name: Disable http://box/sugarizer via Apache +- name: Disable http://box/sugarizer & http://box/sugar via Apache command: a2dissite sugarizer.conf when: apache_install and not sugarizer_enabled From dfb43889aa91f33356ab00ddfe9f6558f3c8ecb8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:23:58 -0500 Subject: [PATCH 39/67] Update enable.yml --- roles/sugarizer/tasks/enable.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index da369cc9f..7c64c8f0e 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -31,13 +31,13 @@ # NGINX -- name: "Enable http://box/sugarizer via NGINX, by installing {{ nginx_config_dir }}/sugarizer-nginx.conf from template" +- name: Enable http://box/sugarizer via NGINX, by installing {{ nginx_config_dir }}/sugarizer-nginx.conf from template template: src: sugarizer-nginx.conf dest: "{{ nginx_config_dir }}/sugarizer-nginx.conf" when: nginx_install and sugarizer_enabled -- name: "Disable http://box/sugarizer via NGINX, by removing {{ nginx_config_dir }}/sugarizer-nginx.conf" +- name: Disable http://box/sugarizer via NGINX, by removing {{ nginx_config_dir }}/sugarizer-nginx.conf file: path: "{{ nginx_config_dir }}/sugarizer-nginx.conf" state: absent From 947c47a2a7370b40b9ad9cb6077e982272fe0c57 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:29:20 -0500 Subject: [PATCH 40/67] Update kolibri/tasks/enable.yml --- roles/kolibri/tasks/enable.yml | 54 ++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 26 deletions(-) diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index 484a9bdee..54da7f362 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -1,53 +1,55 @@ -- name: Start 'kolibri' systemd service, if kolibri_enabled +- name: Enable & Start 'kolibri' systemd service systemd: name: kolibri - state: started + daemon_reload: yes enabled: yes + state: started when: kolibri_enabled -- name: Disable & Stop 'kolibri' systemd service if not kolibri_enabled +- name: Disable & Stop 'kolibri' systemd service systemd: name: kolibri enabled: no state: stopped when: not kolibri_enabled -- name: Enable http://box{{ kolibri_url }} with Apache (a2ensite) if kolibri_enabled # i.e. http://box/kolibri + # Apache + +- name: Enable http://box{{ kolibri_url }} via Apache # i.e. http://box/kolibri command: a2ensite kolibri.conf - when: kolibri_enabled and not nginx_enabled + when: apache_install and kolibri_enabled -- name: Disable http://box{{ kolibri_url }} with Apache (a2dissite) if not kolibri_enabled +- name: Disable http://box{{ kolibri_url }} via Apache command: a2dissite kolibri.conf - when: not kolibri_enabled or nginx_enabled + when: apache_install and not kolibri_enabled -- name: Supply {{ nginx_config_dir }}/kolibri-nginx.conf when nginx_enabled +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted + when: apache_enabled | bool + +# NGINX + +- name: Enable http://box{{ kolibri_url }} via NGINX, by installing {{ nginx_config_dir }}/kolibri-nginx.conf from template template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'kolibri-nginx.conf.j2', dest: '{{ nginx_config_dir }}/kolibri-nginx.conf', mode: '0644' } - when: kolibri_enabled and nginx_enabled + src: kolibri-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/kolibri-nginx.conf" + when: nginx_install and kolibri_enabled -- name: Remove {{ nginx_config_dir }}/kolibri-nginx.conf when not nginx_enabled +- name: Disable http://box{{ kolibri_url }} via NGINX, by removing {{ nginx_config_dir }}/kolibri-nginx.conf +- name: Remove {{ nginx_config_dir }}/kolibri-nginx.conf file: path: "{{ nginx_config_dir }}/kolibri-nginx.conf" state: absent - when: not kolibri_enabled and nginx_enabled + when: nginx_install and not kolibri_enabled -- name: Restart Apache service ({{ apache_service }}) # e.g. apache2 - systemd: - name: "{{ apache_service }}" - state: restarted - when: not nginx_enabled - -- name: Restart nginx service +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted - when: nginx_enabled + when: nginx_enabled | bool + - name: Add 'kolibri' variable values to {{ iiab_ini_file }} # /etc/iiab/iiab.ini ini_file: From bc1ebe7298f275e014c96b6f8517afd812d507a0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:39:24 -0500 Subject: [PATCH 41/67] Update mediawiki/tasks/enable.yml --- roles/mediawiki/tasks/enable.yml | 49 ++++++++++++++++---------------- 1 file changed, 24 insertions(+), 25 deletions(-) diff --git a/roles/mediawiki/tasks/enable.yml b/roles/mediawiki/tasks/enable.yml index 8d2370e96..dc224a1f9 100644 --- a/roles/mediawiki/tasks/enable.yml +++ b/roles/mediawiki/tasks/enable.yml @@ -1,41 +1,40 @@ -- name: Create softlink mediawiki.conf from sites-enabled to sites-available, if mediawiki_enabled (debuntu) - file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf - state: link - when: mediawiki_enabled and not nginx_enabled +# Apache -- name: Remove mediawiki.conf if not mediawiki_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/mediawiki.conf - state: absent - when: not mediawiki_enabled or nginx_enabled +- name: Enable http://box{{ mediawiki_url }} via Apache # i.e. http://box/mediawiki + command: a2ensite mediawiki.conf + when: apache_install and mediawiki_enabled -- name: Install {{ nginx_config_dir }}/mediawiki-nginx.conf from template, for http://box{{ mediawiki_url }} +- name: Disable http://box{{ mediawiki_url }} via Apache + command: a2dissite mediawiki.conf + when: apache_install and not mediawiki_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted + when: apache_enabled | bool + + +# NGINX + +- name: Enable http://box{{ mediawiki_url }} via NGINX, by installing {{ nginx_config_dir }}/mediawiki-nginx.conf from template template: src: mediawiki-nginx.conf.j2 dest: "{{ nginx_config_dir }}/mediawiki-nginx.conf" - when: mediawiki_enabled and nginx_enabled + when: nginx_install and mediawiki_enabled -- name: Remove mediawiki-nginx.conf if not mediawiki_enabled (debuntu) +- name: Disable http://box{{ mediawiki_url }} via NGINX, by removing {{ nginx_config_dir }}/mediawiki-nginx.conf file: path: "{{ nginx_config_dir }}/mediawiki-nginx.conf" state: absent - when: not mediawiki_enabled and is_debuntu + when: nginx_install and not mediawiki_enabled -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ mediawiki_url }} - systemd: - name: "{{ apache_service }}" - daemon_reload: yes - state: restarted - when: mediawiki_enabled and not nginx_enabled - -- name: Restart nginx service to enable/disable http://box{{ mediawiki_url }} +- name: Restart 'nginx' systemd service systemd: name: nginx - daemon_reload: yes state: restarted - when: nginx_enabled + when: nginx_enabled | bool + - name: Add 'mediawiki' variable values to {{ iiab_ini_file }} ini_file: From fbe40e026fc3e4f3e4f6d270c5f6d6092f38ef97 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:40:58 -0500 Subject: [PATCH 42/67] kolibri/tasks/enable.yml fix --- roles/kolibri/tasks/enable.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index 54da7f362..961f78cfc 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -38,7 +38,6 @@ when: nginx_install and kolibri_enabled - name: Disable http://box{{ kolibri_url }} via NGINX, by removing {{ nginx_config_dir }}/kolibri-nginx.conf -- name: Remove {{ nginx_config_dir }}/kolibri-nginx.conf file: path: "{{ nginx_config_dir }}/kolibri-nginx.conf" state: absent From ee22ac3ecfe043112d53e8a88b1cedf339e57146 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:46:36 -0500 Subject: [PATCH 43/67] Update kiwix/tasks/install.yml --- roles/kiwix/tasks/install.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index defce47e0..698f78f58 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -15,9 +15,9 @@ - name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files file: path: "{{ item }}" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0755' # Not nec? Remove? + # owner: root + # group: root + # mode: '0755' state: directory with_items: - "{{ iiab_zim_path }}" @@ -33,9 +33,9 @@ template: src: library.xml dest: "{{ kiwix_library_xml }}" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' force: no when: not kiwix_xml.stat.exists @@ -43,17 +43,17 @@ copy: src: test.zim dest: "{{ iiab_zim_path }}/content/test.zim" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' force: no - name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin file: path: "{{ kiwix_path }}/bin" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0755' # Not nec? Remove? + # owner: root + # group: root + # mode: '0755' state: directory # 2. INSTALL KIWIX-TOOLS EXECUTABLES @@ -62,8 +62,8 @@ unarchive: src: "{{ downloads_dir }}/{{ kiwix_src_file }}" dest: /tmp - owner: root # Not nec? Remove? - group: root # Not nec? Remove? + # owner: root + # group: root - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" @@ -88,8 +88,8 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? + # owner: root + # group: root mode: "{{ item.mode }}" with_items: - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644'} @@ -97,7 +97,7 @@ - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755'} - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644'} -5. RECORD KIWIX AS INSTALLED +5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml - name: Add 'kiwix_installed' variable values to {{ iiab_state_file }} lineinfile: From 4bf32c78ef31bbd8693c5d8592df6d1b6397ddad Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:49:06 -0500 Subject: [PATCH 44/67] Update enable.yml --- roles/kolibri/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index 961f78cfc..790de0319 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -4,7 +4,7 @@ daemon_reload: yes enabled: yes state: started - when: kolibri_enabled + when: kolibri_enabled | bool - name: Disable & Stop 'kolibri' systemd service systemd: From 6304ebc6d5892f9588dc0571dd46950728eb10c2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 16:49:51 -0500 Subject: [PATCH 45/67] Update enable.yml --- roles/sugarizer/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index 7c64c8f0e..88ec6bd18 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -4,7 +4,7 @@ daemon_reload: yes # in case mongodb.service changed, etc enabled: yes state: restarted - when: sugarizer_enabled + when: sugarizer_enabled | bool - name: Disable & Stop 'sugarizer' systemd service systemd: From 21597979855a5d180c940c2c7e25dfd69ca0aaa4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:01:20 -0500 Subject: [PATCH 46/67] Update kiwix/tasks/enable.yml --- roles/kiwix/tasks/enable.yml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml index 5e08cebfe..507881e5e 100644 --- a/roles/kiwix/tasks/enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -6,7 +6,7 @@ state: restarted when: kiwix_enabled | bool -- name: Disable 'kiwix-serve' systemd service +- name: Disable & Stop 'kiwix-serve' systemd service systemd: name: kiwix-serve enabled: no @@ -36,11 +36,11 @@ # Apache -- name: "Enable http://box{{ kiwix_url_without_slash }} via Apache" +- name: Enable http://box{{ kiwix_url_without_slash }} via Apache command: a2ensite kiwix.conf when: apache_install and kiwix_enabled -- name: "Disable http://box{{ kiwix_url_without_slash }} via Apache" +- name: Disable http://box{{ kiwix_url_without_slash }} via Apache command: a2dissite kiwix.conf when: apache_install and not kiwix_enabled @@ -53,16 +53,13 @@ # NGINX -- name: "Enable http://box{{ kiwix_url_without_slash }} via NGINX, by installing {{ nginx_config_dir }}/kiwix-nginx.conf from template" +- name: Enable http://box{{ kiwix_url_without_slash }} via NGINX, by installing {{ nginx_config_dir }}/kiwix-nginx.conf from template template: src: kiwix-nginx.conf dest: "{{ nginx_config_dir }}/kiwix-nginx.conf" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? when: nginx_install and kiwix_enabled -- name: "Disable http://box{{ kiwix_url_without_slash }} via NGINX, by removing {{ nginx_config_dir }}/kiwix-nginx.conf" +- name: Disable http://box{{ kiwix_url_without_slash }} via NGINX, by removing {{ nginx_config_dir }}/kiwix-nginx.conf file: path: "{{ nginx_config_dir }}/kiwix-nginx.conf" state: absent @@ -71,7 +68,6 @@ - name: Restart nginx systemd service systemd: name: nginx - daemon-reload: yes state: restarted when: nginx_enabled | bool From a99271e2678427d6d129e18137f100a248c21588 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:03:39 -0500 Subject: [PATCH 47/67] Update kiwix/tasks/enable.yml --- roles/kiwix/tasks/enable.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml index 507881e5e..c249d1635 100644 --- a/roles/kiwix/tasks/enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -1,7 +1,7 @@ - name: Enable & Restart 'kiwix-serve' systemd service systemd: - daemon_reload: yes name: kiwix-serve + daemon_reload: yes enabled: yes state: restarted when: kiwix_enabled | bool @@ -65,12 +65,13 @@ state: absent when: nginx_install and not kiwix_enabled -- name: Restart nginx systemd service +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted when: nginx_enabled | bool + - name: Add 'kiwix' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From b194a325b240e953b589288ace6238fd3e979768 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:04:29 -0500 Subject: [PATCH 48/67] Update gitea/tasks/enable.yml --- roles/gitea/tasks/enable.yml | 54 +++++++++++++----------------------- 1 file changed, 20 insertions(+), 34 deletions(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index a59af9165..f2d8d6ccf 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -1,14 +1,13 @@ -- name: Enable 'gitea' systemd service +- name: Enable & Restart 'gitea' systemd service systemd: - daemon_reload: yes name: gitea + daemon_reload: yes enabled: yes state: restarted when: gitea_enabled | bool -- name: Disable 'gitea' systemd service +- name: Disable & Restart 'gitea' systemd service systemd: - daemon_reload: yes name: gitea enabled: no state: stopped @@ -16,53 +15,40 @@ # Apache -- name: Remove softlink /etc/apache2/sites-enabled/gitea.conf - file: - path: /etc/apache2/sites-enabled/gitea.conf - state: absent - when: not gitea_enabled or nginx_enabled +- name: Enable http://box{{ gitea_url }} via Apache # i.e. http://box/gitea + command: a2ensite gitea.conf + when: apache_install and gitea_enabled -- name: 'Install from template: /etc/{{ apache_config_dir }}/gitea.conf' - template: - src: gitea.conf.j2 - dest: "/etc/{{ apache_config_dir }}/gitea.conf" - when: not nginx_enabled - -- name: Softlink /etc/apache2/sites-enabled/gitea.conf -> /etc/{{ apache_config_dir }}/gitea.conf - file: - src: /etc/{{ apache_config_dir }}/gitea.conf - path: /etc/apache2/sites-enabled/gitea.conf - state: link - when: gitea_enabled and not nginx_enabled +- name: Disable http://box{{ gitea_url }} via Apache + command: a2dissite gitea.conf + when: apache_install and not gitea_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" # httpd or apache2 + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted - when: not nginx_enabled + when: apache_enabled | bool # NGINX -- name: Remove {{ nginx_config_dir }}/gitea-nginx.conf - file: - path: "{{ nginx_config_dir }}/gitea-nginx.conf" - state: absent - when: not gitea_enabled or not nginx_enabled - -- name: 'Install from template: {{ nginx_config_dir }}/gitea-nginx.conf' +- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_config_dir }}/gitea-nginx.conf from template template: src: gitea-nginx.conf.j2 dest: "{{ nginx_config_dir }}/gitea-nginx.conf" - when: gitea_enabled and nginx_enabled + when: nginx_install and gitea_enabled -- name: Restart nginx systemd service +- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_config_dir }}/gitea-nginx.conf + file: + path: "{{ nginx_config_dir }}/gitea-nginx.conf" + state: absent + when: nginx_install and not gitea_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx - daemon_reload: yes state: restarted when: nginx_enabled | bool -# Add Gitea to registry - name: Add 'gitea' to list of services at {{ iiab_ini_file }} ini_file: From 22148fa20ad09bcd96fa805459d84153a2a465d9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:14:40 -0500 Subject: [PATCH 49/67] Update sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index dc9b9e120..b65ca5c67 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -138,16 +138,16 @@ # 5. CONFIG FILES -- name: "Install from templates: sugarizer.service (systemd), sugarizer-nginx.conf (nginx)" +- name: "Install from templates: /etc/systemd/system/sugarizer.service, /etc/apache2/sites-available/sugarizer.conf" template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0644 - owner: root - group: root + # owner: root + # group: root + # mode: '0644' with_items: - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' } - - { src: 'sugarizer.conf.j2', dest: '/etc/apache2/sites-available/sugarizer.conf' } + - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_config_dir }}/sugarizer.conf" } #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' } #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' } From f55bd8a8e9b5612acdcaba4399b6635973bcc7e0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:20:33 -0500 Subject: [PATCH 50/67] Update gitea/tasks/install.yml --- roles/gitea/tasks/install.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 05c9b9436..1b289f839 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -113,17 +113,16 @@ owner: root group: gitea mode: 0664 - tags: - - config -# Create systemd service +# Create systemd service & prepare Apache for http://box/gitea -- name: Create 'gitea' service +- name: "Install from templates: /etc/systemd/system/gitea.service, /etc/apache2/sites-available/gitea.conf" template: - src: gitea.service.j2 - dest: "/etc/systemd/system/gitea.service" - tags: - - systemd + src: "{{ item.src }}" + dest: "{{ item.dest }}" + with_items: + - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } + - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_config_dir }}/gitea.conf" } - name: Add 'gitea_installed' variable values to {{ iiab_state_file }} lineinfile: From f80d48e764276fbb98988a27c5d5ec0878b9e346 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:34:55 -0500 Subject: [PATCH 51/67] Update calibre-web-nginx.conf.j2 --- roles/calibre-web/templates/calibre-web-nginx.conf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/calibre-web/templates/calibre-web-nginx.conf.j2 b/roles/calibre-web/templates/calibre-web-nginx.conf.j2 index 55839acac..8a9e435c0 100644 --- a/roles/calibre-web/templates/calibre-web-nginx.conf.j2 +++ b/roles/calibre-web/templates/calibre-web-nginx.conf.j2 @@ -1,7 +1,7 @@ -location /books/ { +location {{ calibreweb_url1 }}/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; - proxy_set_header X-Script-Name /books; + proxy_set_header X-Script-Name {{ calibreweb_url1 }}; proxy_pass http://127.0.0.1:8083; } From 702bf30a020b8a0c36a9402d08b2729922ea6c4c Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:37:33 -0500 Subject: [PATCH 52/67] Update calibre-web/tasks/enable.yml --- roles/calibre-web/tasks/enable.yml | 52 ++++++++++++++---------------- 1 file changed, 25 insertions(+), 27 deletions(-) diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index e7dcf2364..60422823c 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -6,55 +6,55 @@ state: restarted when: calibreweb_enabled | bool -- name: Disable 'calibre-web' systemd service +- name: Disable & Stop 'calibre-web' systemd service systemd: name: calibre-web - daemon_reload: yes enabled: no state: stopped when: not calibreweb_enabled -# APACHE - -# Default: http://box/books # SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy -- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache - command: a2ensite calibre-web.conf - when: calibreweb_enabled and not nginx_enabled -- name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache +# Apache + +# i.e. http://box/books, http://box/libros, http://box/livres + +- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} via Apache + command: a2ensite calibre-web.conf + when: apache_install and calibreweb_enabled + +- name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} via Apache command: a2dissite calibre-web.conf - when: (not calibreweb_enabled or nginx_enabled) and apache_install + when: apache_install and not calibreweb_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" # httpd or apache2 + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted - when: not nginx_enabled + when: apache_enabled | bool # NGINX -- name: Remove {{ nginx_config_dir }}/calibre-web-nginx.conf - file: - path: "{{ nginx_config_dir }}/calibre-web-nginx.conf" - state: absent - when: not calibreweb_enabled or not nginx_enabled +# TO DO: restore http://box/libros & http://box/livres, along English (http://box/books) -- name: 'Install from template: {{ nginx_config_dir }}/calibre-web-nginx.conf' +- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_config_dir }}/calibre-web-nginx.conf from template template: src: calibre-web-nginx.conf.j2 dest: "{{ nginx_config_dir }}/calibre-web-nginx.conf" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: 0644 # Not nec? Remove? - when: calibreweb_enabled and nginx_enabled + when: nginx_install and calibreweb_enabled -- name: Restart nginx systemd service +- name: Disable http://box{{ calibreweb_url1 }} via NGINX, by removing {{ nginx_config_dir }}/calibre-web-nginx.conf + file: + path: "{{ nginx_config_dir }}/calibre-web-nginx.conf" + state: absent + when: nginx_install and not calibreweb_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx - daemon_reload: yes state: restarted - when: calibreweb_enabled and nginx_enabled + when: nginx_enabled | bool + - name: Add 'calibre-web' variable values to {{ iiab_ini_file }} ini_file: @@ -83,5 +83,3 @@ value: "{{ calibreweb_database }}" - option: calibreweb_enabled value: "{{ calibreweb_enabled }}" -# - option: calibreweb_provision -# value: "{{ calibreweb_provision }}" From b8f029d24a8274e55c0fc9af71e4473041142b33 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 17:56:09 -0500 Subject: [PATCH 53/67] Clean awstats/tasks/install.yml --- roles/awstats/tasks/install.yml | 56 ++++++++++++--------------------- 1 file changed, 20 insertions(+), 36 deletions(-) diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index c33addfbb..e96d3e156 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -5,55 +5,42 @@ - pwauth - openssl state: present - tags: - - download -- name: 'Install 2 packages: apache2-utils, libapache2-mod-authnz-external (debuntu)' +- name: 'Install 2 packages: apache2-utils, libapache2-mod-authnz-external' package: name: - libapache2-mod-authnz-external - apache2-utils state: present - when: is_debuntu | bool - tags: - - download -- name: Enable cgi execution (debuntu) +- name: Enable cgi execution via Apache command: a2enmod cgi - when: is_debuntu | bool - name: 'Mandate {{ apache_user }}:{{ apache_user }} perm 0750 dirs: {{ awstats_data_dir }} (intermediate summary storage) & {{ apache_log_dir }}' # /library/awstats & /var/log/apache2 typically file: path: "{{ item }}" - mode: 0750 owner: "{{ apache_user }}" group: "{{ apache_user }}" + mode: '0750' state: directory recurse: yes force: yes with_items: - "{{ awstats_data_dir }}" - "{{ apache_log_dir }}" - - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats + - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats -- name: Install Apache's awstats.conf from template (debuntu) +- name: Install /etc/{{ apache_config_dir }}/awstats.conf from template template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 - with_items: - - { src: "apache-awstats.conf", dest: "/etc/{{ apache_config_dir }}/awstats.conf" } - when: awstats_enabled and is_debuntu + src: apache-awstats.conf + dest: "/etc/{{ apache_config_dir }}/awstats.conf" -- name: Ensure logrotate doesn't make logs unreadable (debuntu) +- name: Install /etc/logrotate.d/apache2 from template, to ensure logrotate doesn't make logs unreadable template: src: logrotate.d.apache2 dest: /etc/logrotate.d/apache2 - when: is_debuntu | bool -- name: Check if package installed /etc/awstats/awstats.conf +- name: Does /etc/awstats/awstats.conf exist? stat: path: /etc/awstats/awstats.conf register: awstats @@ -62,37 +49,34 @@ command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist when: awstats.stat.islnk is defined and not awstats.stat.islnk -- name: Create symlink for awstats.pl from cgi-bin/awstats/awstats.pl to ../ so that the old apache links to awstats will work after change to nginx +- name: Symlink /usr/lib/cgi-bin/awstats/awstats.pl -> /usr/lib/cgi-bin/awstats.pl so old Apache links to awstats will work after change to NGINX file: src: /usr/lib/cgi-bin/awstats.pl path: /usr/lib/cgi-bin/awstats/awstats.pl state: link -- name: Install /etc/awstats/awstats.schoolserver.conf +- name: Install /etc/awstats/awstats.schoolserver.conf from template template: src: awstats.schoolserver.conf.j2 dest: /etc/awstats/awstats.schoolserver.conf - owner: root - group: root - mode: 0644 - when: awstats_enabled | bool + # when: awstats_enabled | bool -- name: Create a symlink /etc/awstats/awstats.conf for access by IP address +- name: Symlink /etc/awstats/awstats.conf -> /etc/awstats/awstats.schoolserver.conf for access by IP address file: src: /etc/awstats/awstats.schoolserver.conf path: /etc/awstats/awstats.conf state: link - when: awstats_enabled | bool + # when: awstats_enabled | bool -- name: On first enabling of AWStats, summarize httpd logs up to now (OS's other than debuntu) - shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update - when: awstats_enabled and not is_debuntu +# - name: On first enabling of AWStats, summarize httpd logs up to now (OS's other than debuntu) +# shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update +# when: awstats_enabled and not is_debuntu -- name: On first enabling of AWStats, summarize httpd logs up to now (debuntu) +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update - when: awstats_enabled and is_debuntu + # when: awstats_enabled | bool -- name: Add 'awstats_installed' variable values to {{ iiab_state_file }} +- name: Add 'awstats_installed: True' to {{ iiab_state_file }} # /etc/iiab/iiab_state.yml lineinfile: dest: "{{ iiab_state_file }}" regexp: '^awstats_installed' From 155d9f4f3f9936e9a1330e66a56caef05c4fb567 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 18:22:34 -0500 Subject: [PATCH 54/67] Rename cron.d.awstats to cron.d.awstats.deprecated --- .../templates/{cron.d.awstats => cron.d.awstats.deprecated} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/awstats/templates/{cron.d.awstats => cron.d.awstats.deprecated} (100%) diff --git a/roles/awstats/templates/cron.d.awstats b/roles/awstats/templates/cron.d.awstats.deprecated similarity index 100% rename from roles/awstats/templates/cron.d.awstats rename to roles/awstats/templates/cron.d.awstats.deprecated From 373ca9e042ed3307b9b87cf96c4166ff57d41133 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 18:26:00 -0500 Subject: [PATCH 55/67] Update awstats/tasks/enable.yml --- roles/awstats/tasks/enable.yml | 57 ++++++++++++---------------------- 1 file changed, 20 insertions(+), 37 deletions(-) diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index 4f4f9b943..83012f988 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -1,60 +1,43 @@ # Apache -- name: Remove symlink /etc/apache2/sites-enabled/awstats.conf - file: - path: /etc/apache2/sites-enabled/awstats.conf - state: absent - when: not awstats_enabled or nginx_enabled +- name: Enable http://box/awstats and/or http://box/awstats/awstats.pl via Apache + command: a2ensite awstats.conf + when: apache_install and awstats_enabled -#- name: 'Install from template: /etc/{{ apache_config_dir }}/awstats.conf' -# template: -# src: apache-awstats.conf -# dest: "/etc/{{ apache_config_dir }}/awstats.conf" -# owner: root # Not nec? Remove? -# group: root # Not nec? Remove? -# mode: 0644 # Not nec? Remove? -# when: not nginx_enabled - -- name: Symlink /etc/apache2/sites-enabled/awstats.conf -> /etc/{{ apache_config_dir }}/awstats.conf - file: - src: "/etc/{{ apache_config_dir }}/awstats.conf" - path: /etc/apache2/sites-enabled/awstats.conf - state: link - when: awstats_enabled and not nginx_enabled +- name: Disable http://box/awstats and/or http://box/awstats/awstats.pl via Apache + command: a2dissite awstats.conf + when: apache_install and not awstats_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted - when: awstats_enabled and not nginx_enabled + when: apache_enabled | bool # NGINX -- name: Remove {{ nginx_config_dir }}/awstats-nginx.conf - file: - path: "{{ nginx_config_dir }}/awstats-nginx.conf" - state: absent - when: not awstats_enabled or not nginx_enabled - -- name: 'Install from template: /etc/nginx/cgi-bin.php, {{ nginx_config_dir }}/awstats-nginx.conf' +- name: Enable http://box/awstats via NGINX, by installing /etc/nginx/cgi-bin.php & {{ nginx_config_dir }}/awstats-nginx.conf from template template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: 0644 # Not nec? Remove? with_items: - - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } - - { src: "cgi-bin.php", dest: "/etc/nginx/" } - when: awstats_enabled and nginx_enabled + - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } + - { src: "cgi-bin.php", dest: "/etc/nginx/" } + when: nginx_install and awstats_enabled -- name: Restart nginx systemd service +- name: Disable http://box/awstats_url via NGINX, by removing {{ nginx_config_dir }}/awstats-nginx.conf + file: + path: "{{ nginx_config_dir }}/awstats-nginx.conf" + state: absent + when: nginx_install and not awstats_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx - daemon_reload: yes state: restarted when: nginx_enabled | bool + - name: Add 'awstats' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From 9a436fd089b5b2d5c0a196fa7fd60bcb61046e4a Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:00:39 -0500 Subject: [PATCH 56/67] Clean nginx/tasks/install.yml --- roles/nginx/tasks/install.yml | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 7271ed86e..e3198509f 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -1,5 +1,7 @@ -- name: Install nginx required and helper packages - package: name={{ item }} state=present +- name: Install NGINX required and helper packages + package: + name: "{{ item }}" + state: present with_items: - nginx-extras - uwsgi @@ -12,24 +14,23 @@ name: "{{ apache_user }}" groups: shadow -- name: Remove the nginx default config +- name: Remove NGINX default config /etc/nginx/sites-enabled/default file: path: /etc/nginx/sites-enabled/default state: absent -- name: Put config files in place (2 into /etc/nginx, 1 into /etc/{{ apache_service }}) +- name: 'Install 4 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, /etc/systemd/system/uwsgi.service' template: - src: '{{ item.src}}' - dest: '{{ item.dest }}' + src: "{{ item.src }}" + dest: "{{ item.dest }}" with_items: - - { src: "roles/nginx/templates/server.conf", dest: "/etc/nginx/" } - - { src: "roles/nginx/templates/nginx.conf", dest: "/etc/nginx/" } - - { src: 'roles/nginx/templates/ports.conf', dest: '/etc/{{ apache_service }}/' , mode: '0644' } - - { src: 'roles/nginx/templates/uwsgi.service', dest: '/etc/systemd/system/' , mode: '0644' } + - { src: 'roles/nginx/templates/server.conf', dest: '/etc/nginx/' } + - { src: 'roles/nginx/templates/nginx.conf', dest: '/etc/nginx/' } + - { src: 'roles/nginx/templates/ports.conf', dest: '/etc/{{ apache_service }}/' } + - { src: 'roles/nginx/templates/uwsgi.service', dest: '/etc/systemd/system/' } -- name: Let uwsgi running as {{ apache_user }} write log files +- name: Let uwsgi (running as {{ apache_user }}) write log files file: - path: /var/log/uwsgi/app - state: directory - owner: "{{ apache_user }}" - + path: /var/log/uwsgi/app + state: directory + owner: "{{ apache_user }}" From 736a20d78f540ef601a4191e88b4910748f19621 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:09:29 -0500 Subject: [PATCH 57/67] Bug & cleanup of kiwix/tasks/install.yml --- roles/kiwix/tasks/install.yml | 28 ++++++---------------------- 1 file changed, 6 insertions(+), 22 deletions(-) diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index 698f78f58..962fda4eb 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -15,9 +15,6 @@ - name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files file: path: "{{ item }}" - # owner: root - # group: root - # mode: '0755' state: directory with_items: - "{{ iiab_zim_path }}" @@ -33,9 +30,6 @@ template: src: library.xml dest: "{{ kiwix_library_xml }}" - # owner: root - # group: root - # mode: '0644' force: no when: not kiwix_xml.stat.exists @@ -43,17 +37,11 @@ copy: src: test.zim dest: "{{ iiab_zim_path }}/content/test.zim" - # owner: root - # group: root - # mode: '0644' force: no - name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin file: path: "{{ kiwix_path }}/bin" - # owner: root - # group: root - # mode: '0755' state: directory # 2. INSTALL KIWIX-TOOLS EXECUTABLES @@ -62,8 +50,6 @@ unarchive: src: "{{ downloads_dir }}/{{ kiwix_src_file }}" dest: /tmp - # owner: root - # group: root - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" @@ -88,18 +74,16 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - # owner: root - # group: root mode: "{{ item.mode }}" with_items: - - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644'} - - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755'} - - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755'} - - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644'} + - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644' } + - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755' } + - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755' } + - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644' } -5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml +# 5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml -- name: Add 'kiwix_installed' variable values to {{ iiab_state_file }} +- name: Add 'kiwix_installed: True' to {{ iiab_state_file }} lineinfile: dest: "{{ iiab_state_file }}" regexp: '^kiwix_installed' From 19fbd8df771e4717f8c2f9d0f6b4563bcf7edc23 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:19:42 -0500 Subject: [PATCH 58/67] Update install.yml --- roles/kiwix/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index 962fda4eb..e7b08df3b 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -83,7 +83,7 @@ # 5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml -- name: Add 'kiwix_installed: True' to {{ iiab_state_file }} +- name: "Add 'kiwix_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^kiwix_installed' From 90e8e9e62db4228bbbd1bba3f781c8fe563a2ece Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:20:35 -0500 Subject: [PATCH 59/67] Update install.yml --- roles/awstats/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index e96d3e156..6a19e4ae6 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -76,7 +76,7 @@ shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update # when: awstats_enabled | bool -- name: Add 'awstats_installed: True' to {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: "Add 'awstats_installed: True' to {{ iiab_state_file }}" # /etc/iiab/iiab_state.yml lineinfile: dest: "{{ iiab_state_file }}" regexp: '^awstats_installed' From f434b669381c7dce0bfadd303bfa561689a303c2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:28:57 -0500 Subject: [PATCH 60/67] Clean wordpress/tasks/enable.yml --- roles/wordpress/tasks/enable.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index a9ef41d7d..35e774f33 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -10,7 +10,7 @@ - name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted when: apache_enabled | bool @@ -28,12 +28,13 @@ state: absent when: nginx_install and not wordpress_enabled -- name: Restart nginx systemd service +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted when: nginx_enabled | bool + - name: Add 'wordpress' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" From 2e64e5b6274f7e4bbd99c09d3d930bc678e59d51 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:48:50 -0500 Subject: [PATCH 61/67] Clean wordpress/tasks/install.yml --- roles/wordpress/tasks/install.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index ac9874da8..629edf133 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -21,19 +21,19 @@ register: wp_download_output when: internet_available | bool -- name: Symlink /opt/iiab/downloads/wordpress.tar.gz -> {{ wp_download_output.dest }} +- name: Symlink {{ downloads_dir }}/wordpress.tar.gz -> {{ wp_download_output.dest }} file: src: "{{ wp_download_output.dest }}" - path: "{{ downloads_dir }}/wordpress.tar.gz" + path: "{{ downloads_dir }}/wordpress.tar.gz" # /opt/iiab/downloads state: link when: wp_download_output.dest is defined -- name: Does /opt/iiab/downloads/wordpress.tar.gz link exist? +- name: Does {{ downloads_dir }}/wordpress.tar.gz link exist? stat: - path: "{{ downloads_dir }}/wordpress.tar.gz" + path: "{{ downloads_dir }}/wordpress.tar.gz" # /opt/iiab/downloads register: wp_link -- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/wordpress.tar.gz doesn't exist +- name: FAIL (force Ansible to exit) IF {{ downloads_dir }}/wordpress.tar.gz doesn't exist fail: msg: "{{ downloads_dir }}/wordpress.tar.gz is REQUIRED in order to install WordPress." when: not wp_link.stat.exists @@ -42,7 +42,7 @@ unarchive: src: "{{ downloads_dir }}/wordpress.tar.gz" dest: "{{ wp_install_path }}" - owner: root + # owner: root group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? mode: '0664' keep_newer: yes @@ -54,7 +54,7 @@ copy: src: wp-keys.php.BAK dest: "{{ wp_abs_path }}/wp-keys.php.BAK" - owner: root # Not nec? Remove? + # owner: root group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? mode: '0640' @@ -64,8 +64,8 @@ template: src: get-iiab-wp-salts.j2 dest: /tmp/get-iiab-wp-salts - owner: root # Not nec? Remove? - group: root # Not nec? Remove? + # owner: root + # group: root mode: '0700' - name: Run /tmp/get-iiab-wp-salts to create /library/wordpress/wp-keys.php @@ -80,7 +80,7 @@ template: src: wp-config.php.j2 dest: "{{ wp_abs_path }}/wp-config.php" - owner: root # Not nec? Remove? + # owner: root group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? mode: '0660' @@ -90,7 +90,7 @@ dest: "/etc/{{ apache_config_dir }}/wordpress.conf" when: apache_enabled | bool -- name: Add 'wordpress_installed' variable values to {{ iiab_state_file }} +- name: "Add 'wordpress_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^wordpress_installed' From 237bbdb781fcbadbf95211fbe029509674a3c35a Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:51:44 -0500 Subject: [PATCH 62/67] Clean nginx/tasks/only_nginx.yml --- roles/nginx/tasks/only_nginx.yml | 36 ++++++++++++++++---------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/roles/nginx/tasks/only_nginx.yml b/roles/nginx/tasks/only_nginx.yml index 63583f74d..f3c26719f 100644 --- a/roles/nginx/tasks/only_nginx.yml +++ b/roles/nginx/tasks/only_nginx.yml @@ -7,9 +7,9 @@ template: src: roles/awstats/templates/awstats-nginx.conf dest: /etc/nginx/conf.d/awstats-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: awstats_enabled | bool - name: Remove NGINX support for AWStats, if not awstats_enabled @@ -28,9 +28,9 @@ template: src: roles/calibre-web/templates/calibre-web-nginx.conf.j2 dest: /etc/nginx/conf.d/calibre-web-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: calibreweb_enabled | bool - name: Remove NGINX support for Calibre-Web, if not calibreweb_enabled @@ -49,9 +49,9 @@ template: src: roles/gitea/templates/gitea-nginx.conf.j2 dest: /etc/nginx/conf.d/gitea-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: gitea_enabled | bool - name: Remove NGINX support for Gitea, if not gitea_enabled @@ -70,9 +70,9 @@ template: src: roles/kiwix/templates/kiwix-nginx.conf dest: /etc/nginx/conf.d/kiwix-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: kiwix_enabled | bool - name: Remove NGINX support for Kiwix, if not kiwix_enabled @@ -91,9 +91,9 @@ template: src: roles/kolibri/templates/kolibri-nginx.conf.j2 dest: /etc/nginx/conf.d/kolibri-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: kolibri_enabled | bool - name: Remove NGINX support for Kolibri, if not kolibri_enabled @@ -112,9 +112,9 @@ template: src: roles/sugarizer/templates/sugarizer-nginx.conf dest: /etc/nginx/conf.d/sugarizer-nginx.conf - owner: root # Not nec? Remove? - group: root # Not nec? Remove? - mode: '0644' # Not nec? Remove? + # owner: root + # group: root + # mode: '0644' when: sugarizer_enabled | bool - name: Remove NGINX support for Sugarizer, if not sugarizer_enabled From fc9110d6d68d69b8bd5b0e8f461d2bf5ba647f0c Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:55:34 -0500 Subject: [PATCH 63/67] Clean sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index b65ca5c67..c60561aad 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -120,12 +120,6 @@ # when: internet_available and git_sug_server_output.changed # OLD WAY 3 # when: internet_available and not is_F18 and not node_modules_exists # OLD WAY 1 -#- name: Create the express framework for Node.js (Fedora 18) -# shell: npm install -# args: -# chdir: "{{ iiab_base }}/sugarizer/server" -# when: internet_available and is_F18 and not node_modules_exists - # Add a Node.js Express function that appends a prefix to URLs. # SEE "AUTO-INSERTED BY IIAB" ~61 LINES BELOW: as those two "pathPrefix" lines # MUST be added to /opt/iiab/sugarizer-server/sugarizer.js @@ -221,7 +215,7 @@ # # Use this instead, if tabs are truly nec: # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -- name: Add 'sugarizer_installed' variable values to {{ iiab_state_file }} +- name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^sugarizer_installed' From b6b322e2f9f724c27cd5e9fda0998c584d993ade Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 19:56:42 -0500 Subject: [PATCH 64/67] Clean gitea/tasks/install.yml --- roles/gitea/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 1b289f839..19274accb 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -124,7 +124,7 @@ - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_config_dir }}/gitea.conf" } -- name: Add 'gitea_installed' variable values to {{ iiab_state_file }} +- name: "Add 'gitea_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^gitea_installed' From 1fffcb18a726271f6925b31594394bc1c9639201 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 20:28:47 -0500 Subject: [PATCH 65/67] Clean 2-common/tasks/main.yml to avoid warnings etc --- roles/2-common/tasks/main.yml | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index b768250c1..fa9420908 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -20,76 +20,70 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -# the following installs common packages for both debian and fedora - include_tasks: packages.yml - - include_tasks: iptables.yml - sysctl: name: net.ipv4.ip_forward - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.conf.default.rp_filter - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.conf.default.accept_source_route - value: 0 + value: '0' state: present - sysctl: name: kernel.sysrq - value: 1 + value: '1' state: present - sysctl: name: kernel.core_uses_pid - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.tcp_syncookies - value: 1 + value: '1' state: present - sysctl: name: kernel.shmmax - value: 268435456 + value: '268435456' state: present # IPv6 disabled - sysctl: name: net.ipv6.conf.all.disable_ipv6 - value: 1 + value: '1' state: present - sysctl: name: net.ipv6.conf.default.disable_ipv6 - value: 1 + value: '1' state: present - sysctl: name: net.ipv6.conf.lo.disable_ipv6 - value: 1 + value: '1' state: present -- name: Install custom /etc/profile.d/zzz_iiab.sh from template +- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH template: dest: /etc/profile.d/zzz_iiab.sh src: zzz_iiab.sh - owner: root - mode: 0644 - backup: no - include_tasks: net_mods.yml when: not is_debuntu and not is_F18 - include_tasks: udev.yml - - include_tasks: iiab-startup.yml - name: Recording STAGE 2 HAS COMPLETED ========================== From 15909ace31de2882b6ee4720b502d83998623b21 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 11 Jan 2020 22:29:54 -0500 Subject: [PATCH 66/67] Update 8 enable.yml files to "{{ item.value | string }}" --- roles/awstats/tasks/enable.yml | 2 +- roles/calibre-web/tasks/enable.yml | 2 +- roles/gitea/tasks/enable.yml | 2 +- roles/kiwix/tasks/enable.yml | 2 +- roles/kolibri/tasks/enable.yml | 2 +- roles/mediawiki/tasks/enable.yml | 2 +- roles/sugarizer/tasks/enable.yml | 2 +- roles/wordpress/tasks/enable.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index 83012f988..8a4529597 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -43,7 +43,7 @@ path: "{{ iiab_ini_file }}" section: awstats option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: AWStats diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 60422823c..af38393c7 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -61,7 +61,7 @@ path: "{{ iiab_ini_file }}" section: calibre-web option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: calibre-web diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index f2d8d6ccf..6e1dd8993 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -55,7 +55,7 @@ path: "{{ iiab_ini_file }}" section: gitea option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: gitea diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml index c249d1635..0fa9519e4 100644 --- a/roles/kiwix/tasks/enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -77,7 +77,7 @@ path: "{{ iiab_ini_file }}" section: kiwix option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Kiwix diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index 790de0319..0bbd088b0 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -55,7 +55,7 @@ path: "{{ iiab_ini_file }}" section: kolibri option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: kolibri diff --git a/roles/mediawiki/tasks/enable.yml b/roles/mediawiki/tasks/enable.yml index dc224a1f9..4d20df853 100644 --- a/roles/mediawiki/tasks/enable.yml +++ b/roles/mediawiki/tasks/enable.yml @@ -41,7 +41,7 @@ path: "{{ iiab_ini_file }}" section: mediawiki option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: mediawiki diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index 88ec6bd18..d23fdff8a 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -55,7 +55,7 @@ path: "{{ iiab_ini_file }}" section: sugarizer option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Sugarizer diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index 35e774f33..397a48d61 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -40,7 +40,7 @@ path: "{{ iiab_ini_file }}" section: wordpress option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: WordPress From e293708fd719a03780ac32021c0df1a739289563 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 Jan 2020 22:44:21 -0500 Subject: [PATCH 67/67] Rename enable.yml to kiwix_enable.yml --- roles/kiwix/tasks/{enable.yml => kiwix_enable.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/kiwix/tasks/{enable.yml => kiwix_enable.yml} (100%) diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/kiwix_enable.yml similarity index 100% rename from roles/kiwix/tasks/enable.yml rename to roles/kiwix/tasks/kiwix_enable.yml