From eec9500192ec689daf7e283a558a4f3fcad610da Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2020 22:58:22 -0600 Subject: [PATCH 01/12] don't override --- roles/nginx/tasks/install.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 301120a65..cf7b1f896 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -27,7 +27,6 @@ - { src: 'roles/nginx/templates/server.conf.j2', dest: '/etc/nginx/server.conf' } - { src: 'roles/nginx/templates/nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - { src: 'roles/nginx/templates/ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } - - { src: 'roles/nginx/templates/uwsgi.service', dest: '/etc/systemd/system/' } - name: Let uwsgi (running as {{ apache_user }}) write log files file: From 9c19f9112f2a1c1aecb8d1c5adec2832c076d8f1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2020 22:59:55 -0600 Subject: [PATCH 02/12] use apps-enabled in place of service file --- roles/captiveportal/tasks/main.yml | 60 +++++++++++++++++------------- 1 file changed, 34 insertions(+), 26 deletions(-) diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index 27c0a1760..082de91b1 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -41,11 +41,11 @@ - mac.template #- roles/captiveportal/files/mac.template -- name: Install uWSGI config file /opt/iiab/captiveportal/captiveportal.ini from template - template: - src: captiveportal.ini.j2 - #src: roles/captiveportal/templates/captiveportal.ini.j2 - dest: /opt/iiab/captiveportal/captiveportal.ini +#- name: Install /etc/systemd/system/uwsgi-captiveportal.service from template +# template: +# src: uwsgi-captiveportal.service +# #src: roles/captiveportal/templates/uwsgi-captiveportal.service +# dest: /etc/systemd/system/ - name: "Add 'captiveportal_installed: True' to {{ iiab_state_file }}" lineinfile: @@ -55,25 +55,33 @@ # TO DO: move most/all 7-10 stanzas below into enable-or-disable.yml -- name: Install /etc/systemd/system/uwsgi-captiveportal.service from template - template: - src: uwsgi-captiveportal.service - #src: roles/captiveportal/templates/uwsgi-captiveportal.service - dest: /etc/systemd/system/ +#- name: Restart & Enable 'uwsgi-captiveportal' systemd service (uWSGI server) that responds to browsers trying to detect a Captive Portal +# systemd: +# name: uwsgi-captiveportal +# daemon_reload: yes +# state: restarted +# enabled: True +# when: captiveportal_enabled | bool -- name: Restart & Enable 'uwsgi-captiveportal' systemd service (uWSGI server) that responds to browsers trying to detect a Captive Portal - systemd: - name: uwsgi-captiveportal - daemon_reload: yes - state: restarted - enabled: True +#- name: Stop & Disable 'uwsgi-captiveportal' systemd service (uWSGI server) if Captive Portal has been disabled +# systemd: +# name: uwsgi-captiveportal +# state: stopped +# enabled: False +# when: not captiveportal_enabled + +- name: Install uWSGI config file /etc/uwsgi/apps-enabled/captiveportal.ini from template + template: + src: captiveportal.ini.j2 + #src: roles/captiveportal/templates/captiveportal.ini.j2 + dest: /etc/uwsgi/apps-enabled/captiveportal.ini when: captiveportal_enabled | bool -- name: Stop & Disable 'uwsgi-captiveportal' systemd service (uWSGI server) if Captive Portal has been disabled - systemd: - name: uwsgi-captiveportal - state: stopped - enabled: False +- name: Delete uWSGI config file /etc/uwsgi/apps-enabled/captiveportal.ini when disabled + file: + #src: /etc/nginx/sites-available/capture.conf + path: /etc/uwsgi/apps-enabled/captiveportal.ini + state: absent when: not captiveportal_enabled - name: Run iiab-divert-to-nginx to generate diversion lists for NGINX @@ -104,11 +112,11 @@ state: absent when: not captiveportal_enabled -#- name: Restart dnsmasq -# systemd: -# name: dnsmasq -# state: restarted -# when: dnsmasq_enabled | bool +- name: Restart uwsgi + systemd: + name: uwsgi + state: restarted + daemon_reload: yes # ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!) From cad855ec2583c4a123d1ff9b6c9fc87480ef868c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2020 23:00:23 -0600 Subject: [PATCH 03/12] adjust logging --- roles/captiveportal/templates/capture-wsgi.py.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/captiveportal/templates/capture-wsgi.py.j2 b/roles/captiveportal/templates/capture-wsgi.py.j2 index 944ee556e..805e79213 100755 --- a/roles/captiveportal/templates/capture-wsgi.py.j2 +++ b/roles/captiveportal/templates/capture-wsgi.py.j2 @@ -46,9 +46,9 @@ if len(sys.argv) > 1: loggingLevel = "DEBUG" # set up some logging -- selectable for diagnostics -logging.basicConfig(filename='{{ nginx_log_dir }}/portal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) -logger = logging.getLogger('{{ nginx_log_dir }}/portal.log') -handler = RotatingFileHandler("{{ nginx_log_dir }}/portal.log", maxBytes=100000, backupCount=2) +logging.basicConfig(filename='/var/log/uwsgi/app/captiveportal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) +logger = logging.getLogger('/var/log/uwsgi/app/captiveportal.log') +handler = RotatingFileHandler("/var/log/uwsgi/app/captiveportal.log", maxBytes=100000, backupCount=2) logger.addHandler(handler) PORT={{ captiveportal_port }} From fb377ee29a5a6c915810969d2c11117a40d6c016 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2020 23:05:25 -0600 Subject: [PATCH 04/12] let /etc/logrotate.d/uwsgi do its job --- roles/2-common/tasks/fl.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/roles/2-common/tasks/fl.yml b/roles/2-common/tasks/fl.yml index 21038dd3d..2676d9b3a 100644 --- a/roles/2-common/tasks/fl.yml +++ b/roles/2-common/tasks/fl.yml @@ -37,14 +37,3 @@ src: "{{ doc_root }}/common/fonts" # /library/www/html path: "{{ doc_root }}/common/webfonts" state: link - -- name: File Layout - Create log file directories {{ apache_log_dir }} & {{ nginx_log_dir }} - file: - path: "{{ item }}" - owner: "{{ apache_user }}" # www-data - group: "{{ apache_user }}" # www-data - mode: '0770' - state: directory - with_items: - - "{{ apache_log_dir }}" # /var/log/apache2 typically, as set in /opt/iiab/iiab/vars/.yml - - "{{ nginx_log_dir }}" # /var/log/nginx From c4dea1b5c22347bd5127eace3c7574e9c8637365 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2020 23:17:52 -0600 Subject: [PATCH 05/12] clean up uwsgi.service --- roles/nginx/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index e5c4c6a18..d2f57ffe3 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -3,6 +3,7 @@ path: "{{ item.path }}" state: absent with_items: + - { path: "/etc/systemd/system/uwsgi.service" } - { path: "{{ nginx_config_dir }}/usb-lib.conf" } - { path: "{{ nginx_config_dir }}/modules.conf" } From 643399eb60da14865a7acdc4ed38c13e2cf4b3dd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 19 Jan 2020 01:11:03 -0600 Subject: [PATCH 06/12] remove comment --- roles/captiveportal/tasks/main.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index 082de91b1..afe1876a9 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -118,8 +118,6 @@ state: restarted daemon_reload: yes -# ABOVE DOES NOT WORK ON UBUNTU 16.04 -- what follows is a crude hack (seems to work!) - - name: Stop 'dnsmasq' systemd service systemd: name: dnsmasq From 23582410a61515b5e146c1126604c6a800639a5c Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 19 Jan 2020 01:25:18 -0600 Subject: [PATCH 07/12] move unused files --- ...admin-console-apache.conf => admin-console-apache.conf.unused} | 0 .../{admin-console-nginx.conf => admin-console-nginx.conf.unused} | 0 .../templates/{admin-console.ini => admin-console.ini.unused} | 0 roles/nginx/templates/{uwsgi.service => uwsgi.service.unused} | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename roles/nginx/templates/{admin-console-apache.conf => admin-console-apache.conf.unused} (100%) rename roles/nginx/templates/{admin-console-nginx.conf => admin-console-nginx.conf.unused} (100%) rename roles/nginx/templates/{admin-console.ini => admin-console.ini.unused} (100%) rename roles/nginx/templates/{uwsgi.service => uwsgi.service.unused} (100%) diff --git a/roles/nginx/templates/admin-console-apache.conf b/roles/nginx/templates/admin-console-apache.conf.unused similarity index 100% rename from roles/nginx/templates/admin-console-apache.conf rename to roles/nginx/templates/admin-console-apache.conf.unused diff --git a/roles/nginx/templates/admin-console-nginx.conf b/roles/nginx/templates/admin-console-nginx.conf.unused similarity index 100% rename from roles/nginx/templates/admin-console-nginx.conf rename to roles/nginx/templates/admin-console-nginx.conf.unused diff --git a/roles/nginx/templates/admin-console.ini b/roles/nginx/templates/admin-console.ini.unused similarity index 100% rename from roles/nginx/templates/admin-console.ini rename to roles/nginx/templates/admin-console.ini.unused diff --git a/roles/nginx/templates/uwsgi.service b/roles/nginx/templates/uwsgi.service.unused similarity index 100% rename from roles/nginx/templates/uwsgi.service rename to roles/nginx/templates/uwsgi.service.unused From e25604bc6426accb679c30548284fb019916ca48 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 19 Jan 2020 12:14:38 -0600 Subject: [PATCH 08/12] managed by /etc/logrotate.d/uwsgi --- roles/nginx/tasks/install.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index cf7b1f896..d59224e0f 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -28,12 +28,6 @@ - { src: 'roles/nginx/templates/nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - { src: 'roles/nginx/templates/ports.conf.j2', dest: '/etc/{{ apache_service }}/ports.conf' } -- name: Let uwsgi (running as {{ apache_user }}) write log files - file: - path: /var/log/uwsgi/app - state: directory - owner: "{{ apache_user }}" - - name: "Add 'nginx_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From d8b08c1f067aa53d6bb8cda2bc0405e3ebc21634 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 19 Jan 2020 21:28:17 -0600 Subject: [PATCH 09/12] always enable uwsgi --- roles/captiveportal/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index afe1876a9..36970c291 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -112,11 +112,13 @@ state: absent when: not captiveportal_enabled +# lets assume admin-console was/will be installed anyway - name: Restart uwsgi systemd: name: uwsgi - state: restarted daemon_reload: yes + state: restarted + enabled: true - name: Stop 'dnsmasq' systemd service systemd: From 2acf98af608e123e2d74a3b4ecf1d1c8852e8e13 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 21 Jan 2020 00:23:55 -0600 Subject: [PATCH 10/12] move log directory --- roles/captiveportal/tasks/main.yml | 8 ++++++++ roles/captiveportal/templates/capture-wsgi.py.j2 | 6 +++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index 36970c291..5e2c3aff9 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -14,6 +14,14 @@ state: directory owner: "{{ apache_user }}" +- name: Create directory /var/log/captiveportal for logs; set owner to {{ apache_user }} + file: + path: /var/log/captiveportal + state: directory + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: 0750 # same as /var/log/apache2 + - name: "Install 3 scripts from template: /opt/iiab/captiveportal/checkurls, /usr/sbin/iiab-make-cp-servers.py, /usr/sbin/iiab-divert-to-nginx" template: src: "{{ item.src }}" diff --git a/roles/captiveportal/templates/capture-wsgi.py.j2 b/roles/captiveportal/templates/capture-wsgi.py.j2 index 805e79213..9e837f374 100755 --- a/roles/captiveportal/templates/capture-wsgi.py.j2 +++ b/roles/captiveportal/templates/capture-wsgi.py.j2 @@ -46,9 +46,9 @@ if len(sys.argv) > 1: loggingLevel = "DEBUG" # set up some logging -- selectable for diagnostics -logging.basicConfig(filename='/var/log/uwsgi/app/captiveportal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) -logger = logging.getLogger('/var/log/uwsgi/app/captiveportal.log') -handler = RotatingFileHandler("/var/log/uwsgi/app/captiveportal.log", maxBytes=100000, backupCount=2) +logging.basicConfig(filename='/var/log/captiveprotal/captiveportal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) +logger = logging.getLogger('/var/log/captiveportal/captiveportal.log') +handler = RotatingFileHandler("/var/log/captiveportal/captiveportal.log", maxBytes=100000, backupCount=2) logger.addHandler(handler) PORT={{ captiveportal_port }} From ab411eda6539d589add6754f8130f138264b87bd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 22 Jan 2020 10:45:14 -0600 Subject: [PATCH 11/12] correct typo in capture-wsgi.py.j2 --- roles/captiveportal/templates/capture-wsgi.py.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/captiveportal/templates/capture-wsgi.py.j2 b/roles/captiveportal/templates/capture-wsgi.py.j2 index 9e837f374..e240b827a 100755 --- a/roles/captiveportal/templates/capture-wsgi.py.j2 +++ b/roles/captiveportal/templates/capture-wsgi.py.j2 @@ -46,7 +46,7 @@ if len(sys.argv) > 1: loggingLevel = "DEBUG" # set up some logging -- selectable for diagnostics -logging.basicConfig(filename='/var/log/captiveprotal/captiveportal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) +logging.basicConfig(filename='/var/log/captiveportal/captiveportal.log',format='%(asctime)s.%(msecs)03d:%(name)s:%(message)s', datefmt='%M:%S',level=loggingLevel) logger = logging.getLogger('/var/log/captiveportal/captiveportal.log') handler = RotatingFileHandler("/var/log/captiveportal/captiveportal.log", maxBytes=100000, backupCount=2) logger.addHandler(handler) From eb39494f1800176a729e3ea7a8d5f2b144256b9d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 22 Jan 2020 14:24:23 -0600 Subject: [PATCH 12/12] handle /etc/init.d/uwsgi behavior --- roles/captiveportal/tasks/main.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index 5e2c3aff9..87e03de23 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -78,6 +78,11 @@ # enabled: False # when: not captiveportal_enabled +- name: Stop uwsgi + systemd: + name: uwsgi + state: stopped + - name: Install uWSGI config file /etc/uwsgi/apps-enabled/captiveportal.ini from template template: src: captiveportal.ini.j2 @@ -121,11 +126,11 @@ when: not captiveportal_enabled # lets assume admin-console was/will be installed anyway -- name: Restart uwsgi +- name: Start uwsgi systemd: name: uwsgi daemon_reload: yes - state: restarted + state: started enabled: true - name: Stop 'dnsmasq' systemd service