mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
Merge branch 'master' into virtualenv-for-kalite
This commit is contained in:
commit
cc670fc12c
17 changed files with 166 additions and 129 deletions
|
@ -1,14 +1,21 @@
|
||||||
|
# adm_cons_force_ssl: False
|
||||||
|
|
||||||
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
|
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
|
||||||
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
|
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
|
||||||
|
|
||||||
|
|
||||||
# SEE ALSO /opt/iiab/iiab/roles/1-prep/defaults/main.yml
|
# SEE ALSO /opt/iiab/iiab/roles/1-prep/defaults/main.yml
|
||||||
|
|
||||||
|
# 2021-07-30: Primarily for Admin Console: later change to 443 for #2811 HTTPS?
|
||||||
|
gui_port: 80
|
||||||
|
#is_F18: False # 2021-07-30: No longer used
|
||||||
|
|
||||||
# (PRE-)release version number, for {{ iiab_env_file }} = /etc/iiab/iiab.env
|
# (PRE-)release version number, for {{ iiab_env_file }} = /etc/iiab/iiab.env
|
||||||
# iiab_base_ver: 8.0
|
# iiab_base_ver: 8.0
|
||||||
# iiab_revision: 0
|
# iiab_revision: 0
|
||||||
# ABOVE 3 LINES MOVED TO /opt/iiab/iiab/vars/default_vars.yml
|
# ABOVE 3 LINES MOVED TO /opt/iiab/iiab/vars/default_vars.yml
|
||||||
|
|
||||||
|
|
||||||
# These entries should never be changed in this file.
|
# These entries should never be changed in this file.
|
||||||
# These are defaults for boolean routines.
|
# These are defaults for boolean routines.
|
||||||
|
|
||||||
|
@ -27,10 +34,6 @@ gw_active: False
|
||||||
internet_available: False
|
internet_available: False
|
||||||
discovered_wan_iface: none # 2021-07-30: Very broadly used!
|
discovered_wan_iface: none # 2021-07-30: Very broadly used!
|
||||||
|
|
||||||
# 2021-07-30: Primarily for Admin Console: later change to 443 for #2811 HTTPS?
|
|
||||||
gui_port: 80
|
|
||||||
#is_F18: False # 2021-07-30: No longer used
|
|
||||||
|
|
||||||
# 2021-07-30: Barely used -- for {named, dhcpd, squid} in
|
# 2021-07-30: Barely used -- for {named, dhcpd, squid} in
|
||||||
# roles/network/tasks/main.yml -- after being set in 0-init/tasks/network.yml
|
# roles/network/tasks/main.yml -- after being set in 0-init/tasks/network.yml
|
||||||
FQDN_changed: False
|
FQDN_changed: False
|
||||||
|
@ -46,6 +49,6 @@ FQDN_changed: False
|
||||||
installing: False
|
installing: False
|
||||||
|
|
||||||
# 2021-07-30: Broadly used across roles/network/tasks/*.yml -- but things might
|
# 2021-07-30: Broadly used across roles/network/tasks/*.yml -- but things might
|
||||||
# possibly change if roles/network becomes optional per #2876 ?
|
# possibly change if roles/network becomes optional per PR #2876 ?
|
||||||
no_net_restart: False
|
no_net_restart: False
|
||||||
#no_NM_reload: False # 2021-07-30: Was used in roles/network/tasks/fedora/*
|
#no_NM_reload: False # 2021-07-30: Was used in roles/network/tasks/fedora/*
|
||||||
|
|
|
@ -13,6 +13,11 @@
|
||||||
#xo_model: "{{ ansible_local.local_facts.xo_model }}"
|
#xo_model: "{{ ansible_local.local_facts.xo_model }}"
|
||||||
iiab_stage: "{{ ansible_local.local_facts.stage }}"
|
iiab_stage: "{{ ansible_local.local_facts.stage }}"
|
||||||
|
|
||||||
|
# 2020-10-29: Appears no longer nec (see 3 above ansible_local.local_facts.*)
|
||||||
|
#- name: Re-read local_facts.facts from /etc/ansible/facts.d
|
||||||
|
# setup:
|
||||||
|
# filter: ansible_local
|
||||||
|
|
||||||
# Initialize /etc/iiab/iiab.ini writing the 'location' and 'version' sections
|
# Initialize /etc/iiab/iiab.ini writing the 'location' and 'version' sections
|
||||||
# once and only once, to preserve the install date and git hash.
|
# once and only once, to preserve the install date and git hash.
|
||||||
- name: Create {{ iiab_ini_file }}, if it doesn't exist
|
- name: Create {{ iiab_ini_file }}, if it doesn't exist
|
||||||
|
@ -29,11 +34,6 @@
|
||||||
first_run: True
|
first_run: True
|
||||||
when: not iiab_ini_test.stat.exists
|
when: not iiab_ini_test.stat.exists
|
||||||
|
|
||||||
# 2020-10-29: Appears no longer nec (see 3 above ansible_local.local_facts.*)
|
|
||||||
#- name: Re-read local_facts.facts from /etc/ansible/facts.d
|
|
||||||
# setup:
|
|
||||||
# filter: ansible_local
|
|
||||||
|
|
||||||
|
|
||||||
# Copies the latest/known version of iiab-diagnostics into /usr/bin (so it can
|
# Copies the latest/known version of iiab-diagnostics into /usr/bin (so it can
|
||||||
# be run even if local source tree /opt/iiab/iiab is deleted to conserve disk).
|
# be run even if local source tree /opt/iiab/iiab is deleted to conserve disk).
|
||||||
|
|
|
@ -2,21 +2,24 @@
|
||||||
1-prep README
|
1-prep README
|
||||||
=============
|
=============
|
||||||
|
|
||||||
This 1st `stage <https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide#ansible>`_ (1-prep) is primarily hardware-focused, prior to OS
|
This 1st `stage <https://github.com/iiab/iiab/wiki/IIAB-Contributors-Guide#ansible>`_ (1-prep) arranges low-level things like remote support infra, DNS prep, hardware, low-level OS quirks, and basic security:
|
||||||
additions/mods — but also includes critical pieces sometimes needed for
|
|
||||||
remote support:
|
|
||||||
|
|
||||||
- dnsmasq
|
- SSHD
|
||||||
- /etc/iiab/uuid
|
- OpenVPN if/as needed later for remote support
|
||||||
- Customizing /var/log/* for Ubermix on each boot, using /etc/tmpfiles.d
|
- `iiab-admin <https://github.com/iiab/iiab/tree/master/roles/iiab-admin#iiab-admin-readme>`_ username and group, to log into Admin Console
|
||||||
- SSH
|
- dnsmasq (install now, configure later!)
|
||||||
- `iiab-admin <https://github.com/iiab/iiab/tree/master/roles/iiab-admin>`_ username and group to log into Admin Console
|
- Universally unique identifier: /etc/iiab/uuid
|
||||||
- OpenVPN software if/as needed later for remote support
|
- Ubermix (distro) needs /etc/tmpfiles.d/iiab.conf to create essential /var/log subdirs on each boot
|
||||||
- `raspberry_pi.yml <tasks/raspberry_pi.yml>`_ including RTC, essential packages, and networking basics
|
- Hardware actions:
|
||||||
|
- `raspberry_pi.yml <tasks/raspberry_pi.yml>`_:
|
||||||
|
- RTC (real-time clock): install udev rule, configure, enable
|
||||||
|
- Install packages related to:
|
||||||
|
- growpart
|
||||||
|
- swapfile
|
||||||
|
- fake-hwclock (as RTC is often missing or dead!)
|
||||||
|
- Wi-Fi
|
||||||
|
- Increase swap file size
|
||||||
|
- `rootfs auto-resizing <https://github.com/iiab/iiab/blob/master/roles/1-prep/templates/iiab-rpi-max-rootfs.sh>`_
|
||||||
|
- NUC 6 Wi-Fi firmware
|
||||||
|
|
||||||
Traditionally 1-prep also included preliminaries like hostname and
|
Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and 5-xo-services — this 1st stage installs core server infra (that is not user-facing).
|
||||||
hardware-oriented things specific to a particular platform (such as
|
|
||||||
One Laptop Per Child's XO laptop) i.e. critical setup prior to the
|
|
||||||
bulk of IIAB's software install.
|
|
||||||
|
|
||||||
Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and 5-xo-services — this 1st stage installs core server infra (that is not user-facing).
|
|
||||||
|
|
17
roles/1-prep/tasks/hardware.yml
Normal file
17
roles/1-prep/tasks/hardware.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
## DISCOVER PLATFORMS ######
|
||||||
|
# Put conditional actions for hardware platforms here
|
||||||
|
|
||||||
|
- include_tasks: raspberry_pi.yml
|
||||||
|
when: first_run and rpi_model != "none"
|
||||||
|
|
||||||
|
- name: Check if the identifier for Intel's NUC6 built-in WiFi is present
|
||||||
|
shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'"
|
||||||
|
register: usb_NUC6
|
||||||
|
ignore_errors: True
|
||||||
|
|
||||||
|
- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 # iiab_download_url is http://download.iiab.io/packages
|
||||||
|
get_url:
|
||||||
|
url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode"
|
||||||
|
dest: /lib/firmware
|
||||||
|
timeout: "{{ download_timeout }}"
|
||||||
|
when: internet_available and usb_NUC6.stdout|int > 0
|
|
@ -1,85 +1,31 @@
|
||||||
# Preparations (Hardware Level)
|
# Preparations (low-level e.g. remote support, DNS prep, HW/OS, basic security)
|
||||||
|
|
||||||
- name: ...IS BEGINNING ============================================
|
- name: ...IS BEGINNING ============================================
|
||||||
meta: noop
|
meta: noop
|
||||||
|
|
||||||
- name: dnsmasq (install now, configure LATER in 'network', after Stage 9)
|
|
||||||
include_tasks: roles/network/tasks/dnsmasq.yml
|
|
||||||
#when: dnsmasq_install # Flag might be used in future?
|
|
||||||
|
|
||||||
|
|
||||||
- name: 'Install packages: sudo, uuid-runtime'
|
|
||||||
package:
|
|
||||||
name:
|
|
||||||
- sudo
|
|
||||||
- uuid-runtime
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Does /etc/iiab/uuid exist?
|
|
||||||
stat:
|
|
||||||
path: /etc/iiab/uuid
|
|
||||||
register: uuid_file
|
|
||||||
|
|
||||||
- name: If not, run 'uuidgen' to create a uuid, in register uuid_response
|
|
||||||
command: uuidgen
|
|
||||||
register: uuid_response
|
|
||||||
when: not uuid_file.stat.exists
|
|
||||||
|
|
||||||
- name: Save it to /etc/iiab/uuid
|
|
||||||
shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid
|
|
||||||
when: not uuid_file.stat.exists
|
|
||||||
|
|
||||||
- name: Load /etc/iiab/uuid, into register stored_uuid
|
|
||||||
command: cat /etc/iiab/uuid
|
|
||||||
register: stored_uuid
|
|
||||||
|
|
||||||
- name: Store it in Ansible variable 'uuid'
|
|
||||||
set_fact:
|
|
||||||
uuid: "{{ stored_uuid.stdout_lines[0] }}"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Does 'ubermix' exist in /etc/lsb-release?
|
|
||||||
shell: grep -i ubermix /etc/lsb-release # Pipe to cat to avoid red errors?
|
|
||||||
register: grep_ubermix
|
|
||||||
failed_when: False # Universal way to hide alarmist red errors!
|
|
||||||
#ignore_errors: True
|
|
||||||
#check_mode: no
|
|
||||||
|
|
||||||
- name: If so, install /etc/tmpfiles.d/iiab.conf to create /var/log subdirs on each boot, so {Apache, MongoDB, Munin} run on Ubermix
|
|
||||||
copy:
|
|
||||||
src: roles/1-prep/files/iiab.conf
|
|
||||||
dest: /etc/tmpfiles.d/
|
|
||||||
# owner: root
|
|
||||||
# group: root
|
|
||||||
# mode: '0644'
|
|
||||||
force: yes
|
|
||||||
when: grep_ubermix.rc == 0 # 1 if absent in file, 2 if file doesn't exist
|
|
||||||
|
|
||||||
# 2020-03-19: for KA Lite, but moved from roles/kalite/tasks/install.yml
|
|
||||||
# This effectively does nothing at all on Ubuntu & Raspbian, where libgeos-*
|
|
||||||
# pkgs are not installed FWIW. But it's included to safeguard us across all
|
|
||||||
# OS's, in case others OS's like Ubermix later appear. See #1382 for details.
|
|
||||||
# Removing pkgs libgeos-3.6.2 & libgeos-c1v5 fixed the situation on Ubermix!
|
|
||||||
- name: Remove libgeos-* pkgs, avoiding KA Lite Django failure on Ubermix
|
|
||||||
shell: apt -y remove "libgeos-*"
|
|
||||||
when: grep_ubermix.rc == 0 # 1 if absent in file, 2 if file doesn't exist
|
|
||||||
|
|
||||||
|
|
||||||
- name: SSHD -- required by OpenVPN below -- also run by roles/4-server-options/tasks/main.yml
|
- name: SSHD -- required by OpenVPN below -- also run by roles/4-server-options/tasks/main.yml
|
||||||
include_role:
|
include_role:
|
||||||
name: sshd
|
name: sshd
|
||||||
when: sshd_install
|
when: sshd_install
|
||||||
|
|
||||||
- name: IIAB-ADMIN
|
|
||||||
include_role:
|
|
||||||
name: iiab-admin
|
|
||||||
#when: iiab_admin_install # Flag might be created in future?
|
|
||||||
|
|
||||||
- name: OPENVPN
|
- name: OPENVPN
|
||||||
include_role:
|
include_role:
|
||||||
name: openvpn
|
name: openvpn
|
||||||
when: openvpn_install
|
when: openvpn_install
|
||||||
|
|
||||||
|
- name: IIAB-ADMIN -- includes roles/iiab-admin/tasks/access.yml
|
||||||
|
include_role:
|
||||||
|
name: iiab-admin
|
||||||
|
#when: iiab_admin_install # Flag might be created in future?
|
||||||
|
|
||||||
|
- name: Install dnsmasq -- configure LATER in 'network', after Stage 9
|
||||||
|
include_tasks: roles/network/tasks/dnsmasq.yml
|
||||||
|
#when: dnsmasq_install # Flag might be used in future?
|
||||||
|
|
||||||
|
- include_tasks: uuid.yml
|
||||||
|
- include_tasks: ubermix.yml
|
||||||
|
- include_tasks: hardware.yml # Can run raspberry_pi.yml
|
||||||
|
|
||||||
|
|
||||||
# Debian 10 "Buster" is apparently enabling AppArmor in 2019:
|
# Debian 10 "Buster" is apparently enabling AppArmor in 2019:
|
||||||
# https://wiki.debian.org/AppArmor/Progress
|
# https://wiki.debian.org/AppArmor/Progress
|
||||||
|
@ -109,25 +55,6 @@
|
||||||
# when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
|
# when: not is_debuntu and selinux_disabled is defined and selinux_disabled.changed
|
||||||
|
|
||||||
|
|
||||||
## DISCOVER PLATFORMS ######
|
|
||||||
# Put conditional actions for hardware platforms here
|
|
||||||
|
|
||||||
- include_tasks: raspberry_pi.yml
|
|
||||||
when: first_run and rpi_model != "none"
|
|
||||||
|
|
||||||
- name: Check if the identifier for Intel's NUC6 built-in WiFi is present
|
|
||||||
shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'"
|
|
||||||
register: usb_NUC6
|
|
||||||
ignore_errors: True
|
|
||||||
|
|
||||||
- name: Download {{ iiab_download_url }}/iwlwifi-8000C-13.ucode to /lib/firmware for built-in WiFi on NUC6 # iiab_download_url is http://download.iiab.io/packages
|
|
||||||
get_url:
|
|
||||||
url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode"
|
|
||||||
dest: /lib/firmware
|
|
||||||
timeout: "{{ download_timeout }}"
|
|
||||||
when: internet_available and usb_NUC6.stdout|int > 0
|
|
||||||
|
|
||||||
|
|
||||||
- name: Recording STAGE 1 HAS COMPLETED ============================
|
- name: Recording STAGE 1 HAS COMPLETED ============================
|
||||||
template:
|
template:
|
||||||
src: roles/1-prep/templates/iiab.env.j2
|
src: roles/1-prep/templates/iiab.env.j2
|
||||||
|
|
|
@ -31,6 +31,7 @@
|
||||||
# line: 'include btcfg.txt'
|
# line: 'include btcfg.txt'
|
||||||
# when: is_ubuntu
|
# when: is_ubuntu
|
||||||
|
|
||||||
|
|
||||||
- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml'
|
- name: '2021-07-27: SEE ALSO ~4 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/packages.yml'
|
||||||
meta: noop
|
meta: noop
|
||||||
|
|
||||||
|
@ -55,6 +56,7 @@
|
||||||
- wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions
|
- wireless-tools # 2021-07-27: RaspiOS installs this regardless -- manipulate Linux Wireless Extensions
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
|
||||||
- name: Increase swap file size (to CONF_SWAPSIZE={{ pi_swap_file_size }} in /etc/dphys-swapfile) as kalite pip download fails
|
- name: Increase swap file size (to CONF_SWAPSIZE={{ pi_swap_file_size }} in /etc/dphys-swapfile) as kalite pip download fails
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/dphys-swapfile
|
path: /etc/dphys-swapfile
|
||||||
|
@ -67,6 +69,7 @@
|
||||||
name: dphys-swapfile
|
name: dphys-swapfile
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
|
||||||
- name: Install RPi rootfs resizing (/usr/sbin/iiab-rpi-max-rootfs.sh) and its systemd service (/etc/systemd/system/iiab-rpi-root-resize.service), from templates (root:root by default)
|
- name: Install RPi rootfs resizing (/usr/sbin/iiab-rpi-max-rootfs.sh) and its systemd service (/etc/systemd/system/iiab-rpi-root-resize.service), from templates (root:root by default)
|
||||||
template:
|
template:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
|
|
25
roles/1-prep/tasks/ubermix.yml
Normal file
25
roles/1-prep/tasks/ubermix.yml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
- name: Does 'ubermix' exist in /etc/lsb-release?
|
||||||
|
shell: grep -i ubermix /etc/lsb-release # Pipe to cat to avoid red errors?
|
||||||
|
register: grep_ubermix
|
||||||
|
failed_when: False # Universal way to hide alarmist red errors!
|
||||||
|
#ignore_errors: True
|
||||||
|
#check_mode: no
|
||||||
|
|
||||||
|
- name: If so, install /etc/tmpfiles.d/iiab.conf to create /var/log subdirs on each boot, so {Apache, MongoDB, Munin} run on Ubermix (root:root, 0644 by default)
|
||||||
|
copy:
|
||||||
|
src: roles/1-prep/files/iiab.conf
|
||||||
|
dest: /etc/tmpfiles.d/
|
||||||
|
# owner: root
|
||||||
|
# group: root
|
||||||
|
# mode: 0644
|
||||||
|
force: yes
|
||||||
|
when: grep_ubermix.rc == 0 # 1 if absent in file, 2 if file doesn't exist
|
||||||
|
|
||||||
|
# 2020-03-19: for KA Lite, but moved from roles/kalite/tasks/install.yml
|
||||||
|
# This effectively does nothing at all on Ubuntu & Raspbian, where libgeos-*
|
||||||
|
# pkgs are not installed FWIW. But it's included to safeguard us across all
|
||||||
|
# OS's, in case others OS's like Ubermix later appear. See #1382 for details.
|
||||||
|
# Removing pkgs libgeos-3.6.2 & libgeos-c1v5 fixed the situation on Ubermix!
|
||||||
|
- name: Remove libgeos-* pkgs, avoiding KA Lite Django failure on Ubermix
|
||||||
|
shell: apt -y remove "libgeos-*"
|
||||||
|
when: grep_ubermix.rc == 0 # 1 if absent in file, 2 if file doesn't exist
|
26
roles/1-prep/tasks/uuid.yml
Normal file
26
roles/1-prep/tasks/uuid.yml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
- name: "Install packages: uuid-runtime"
|
||||||
|
package:
|
||||||
|
name: uuid-runtime
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Does /etc/iiab/uuid exist?
|
||||||
|
stat:
|
||||||
|
path: /etc/iiab/uuid
|
||||||
|
register: uuid_file
|
||||||
|
|
||||||
|
- name: If not, run 'uuidgen' to create a uuid, in register uuid_response
|
||||||
|
command: uuidgen
|
||||||
|
register: uuid_response
|
||||||
|
when: not uuid_file.stat.exists
|
||||||
|
|
||||||
|
- name: Save it to /etc/iiab/uuid
|
||||||
|
shell: echo {{ uuid_response.stdout_lines[0] }} > /etc/iiab/uuid
|
||||||
|
when: not uuid_file.stat.exists
|
||||||
|
|
||||||
|
- name: Load /etc/iiab/uuid, into register stored_uuid
|
||||||
|
command: cat /etc/iiab/uuid
|
||||||
|
register: stored_uuid
|
||||||
|
|
||||||
|
- name: Store it in Ansible variable 'uuid'
|
||||||
|
set_fact:
|
||||||
|
uuid: "{{ stored_uuid.stdout_lines[0] }}"
|
|
@ -8,11 +8,12 @@
|
||||||
|
|
||||||
- include_tasks: packages.yml
|
- include_tasks: packages.yml
|
||||||
|
|
||||||
- name: 'Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/raspberry_pi.yml'
|
- name: "Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/raspberry_pi.yml"
|
||||||
include_tasks: network.yml
|
include_tasks: network.yml
|
||||||
|
|
||||||
- include_tasks: iiab-startup.yml
|
- include_tasks: iiab-startup.yml
|
||||||
|
|
||||||
|
|
||||||
# UNMAINTAINED
|
# UNMAINTAINED
|
||||||
#- include_tasks: centos.yml
|
#- include_tasks: centos.yml
|
||||||
# when: ansible_distribution == "CentOS"
|
# when: ansible_distribution == "CentOS"
|
||||||
|
@ -39,6 +40,7 @@
|
||||||
# dest: /etc/profile.d/zzz_iiab.sh
|
# dest: /etc/profile.d/zzz_iiab.sh
|
||||||
# src: zzz_iiab.sh
|
# src: zzz_iiab.sh
|
||||||
|
|
||||||
|
|
||||||
- name: Recording STAGE 2 HAS COMPLETED ==========================
|
- name: Recording STAGE 2 HAS COMPLETED ==========================
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: "{{ iiab_env_file }}"
|
path: "{{ iiab_env_file }}"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml'
|
- name: '2021-07-27: SEE ALSO 4-5 networking packages LATER installed by https://github.com/iiab/iiab/blob/master/roles/2-common/tasks/network.yml'
|
||||||
meta: noop
|
meta: noop
|
||||||
|
|
||||||
- name: "Install 21 common packages: acpid, avahi-daemon, bzip2, curl, gawk, htop, i2c-tools, libnss-mdns, logrotate, mlocate, net-tools, pandoc, pastebinit, python3-venv, rsync, sqlite3, tar, unzip, usbutils, wget, wpasupplicant"
|
- name: "Install 21 common packages: acpid, avahi-daemon, bzip2, curl, gawk, htop, i2c-tools, libnss-mdns, logrotate, mlocate, net-tools, pandoc, pastebinit, rsync, sqlite3, sudo, tar, unzip, usbutils, wget, wpasupplicant"
|
||||||
package:
|
package:
|
||||||
name:
|
name:
|
||||||
- acpid # Daemon for ACPI (power mgmt) events
|
- acpid # Daemon for ACPI (power mgmt) events
|
||||||
|
@ -26,7 +26,7 @@
|
||||||
#- make # 2021-07-27: Currently used by roles/pbx and no other roles
|
#- make # 2021-07-27: Currently used by roles/pbx and no other roles
|
||||||
- mlocate
|
- mlocate
|
||||||
- net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output?
|
- net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output?
|
||||||
#- ntfs-3g # 2021-07-27: RaspiOS installs this regardless -- but this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g
|
#- ntfs-3g # 2021-07-31: RaspiOS installs this regardless -- but this should no longer be nec with 5.4+ kernels, similar to exfat packages above -- however, see also this symlink warning: https://superuser.com/questions/1050544/mount-with-kernel-ntfs-and-not-ntfs-3g -- and upcoming kernel 5.15 improvements: https://www.phoronix.com/scan.php?page=news_item&px=New-NTFS-Likely-For-Linux-5.15
|
||||||
#- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml
|
#- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml
|
||||||
- pandoc # For /usr/bin/iiab-refresh-wiki-docs
|
- pandoc # For /usr/bin/iiab-refresh-wiki-docs
|
||||||
- pastebinit # For /usr/bin/iiab-diagnostics
|
- pastebinit # For /usr/bin/iiab-diagnostics
|
||||||
|
@ -35,7 +35,7 @@
|
||||||
- rsync
|
- rsync
|
||||||
#- screen # Installed by 1-prep's roles/iiab-admin/tasks/access.yml
|
#- screen # Installed by 1-prep's roles/iiab-admin/tasks/access.yml
|
||||||
- sqlite3
|
- sqlite3
|
||||||
#- sudo # Installed by 1-prep's roles/iiab-admin/tasks/sudo-prereqs.yml
|
- sudo
|
||||||
- tar
|
- tar
|
||||||
- unzip
|
- unzip
|
||||||
#- usbmount # Moved to roles/usb_lib/tasks/install.yml
|
#- usbmount # Moved to roles/usb_lib/tasks/install.yml
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
name: sshd
|
name: sshd
|
||||||
when: sshd_install
|
when: sshd_install
|
||||||
|
|
||||||
|
|
||||||
# UNMAINTAINED
|
# UNMAINTAINED
|
||||||
- name: Install named / BIND
|
- name: Install named / BIND
|
||||||
include_tasks: roles/network/tasks/named.yml
|
include_tasks: roles/network/tasks/named.yml
|
||||||
|
@ -38,6 +39,7 @@
|
||||||
include_tasks: roles/network/tasks/squid.yml
|
include_tasks: roles/network/tasks/squid.yml
|
||||||
when: squid_install is defined and squid_install
|
when: squid_install is defined and squid_install
|
||||||
|
|
||||||
|
|
||||||
- name: Install Bluetooth - only on Raspberry Pi
|
- name: Install Bluetooth - only on Raspberry Pi
|
||||||
include_role:
|
include_role:
|
||||||
name: bluetooth
|
name: bluetooth
|
||||||
|
@ -69,6 +71,7 @@
|
||||||
name: www_options
|
name: www_options
|
||||||
#when: www_options_install # Flag might be created in future?
|
#when: www_options_install # Flag might be created in future?
|
||||||
|
|
||||||
|
|
||||||
- name: Recording STAGE 4 HAS COMPLETED ==================
|
- name: Recording STAGE 4 HAS COMPLETED ==================
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: "{{ iiab_env_file }}"
|
path: "{{ iiab_env_file }}"
|
||||||
|
|
|
@ -1,17 +1,14 @@
|
||||||
- name: systemd daemon-reload
|
|
||||||
systemd:
|
|
||||||
daemon_reload: yes
|
|
||||||
|
|
||||||
|
|
||||||
- name: Enable & Restart jupyterhub.service
|
- name: Enable & Restart jupyterhub.service
|
||||||
systemd:
|
systemd:
|
||||||
|
daemon_reload: yes
|
||||||
name: jupyterhub
|
name: jupyterhub
|
||||||
enabled: yes
|
enabled: yes
|
||||||
state: restarted
|
state: restarted
|
||||||
when: jupyterhub_enabled
|
when: jupyterhub_enabled
|
||||||
|
|
||||||
- name: Disable jupyterhub.service
|
- name: Disable & Stop jupyterhub.service
|
||||||
systemd:
|
systemd:
|
||||||
|
daemon_reload: yes
|
||||||
name: jupyterhub
|
name: jupyterhub
|
||||||
enabled: no
|
enabled: no
|
||||||
state: stopped
|
state: stopped
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Nextcloud
|
# Nextcloud README
|
||||||
|
|
||||||
Students and teachers can store their documents, calendars, contacts and photos locally within [Nextcloud](https://nextcloud.com), which is much like having a (local) version of Dropbox or Google Drive on your very own [Internet-in-a-Box](http://internet-in-a-box.org).
|
Students and teachers can store their documents, calendars, contacts and photos locally within [Nextcloud](https://nextcloud.com), which is much like having a (local) version of Dropbox or Google Drive on your very own [Internet-in-a-Box](http://internet-in-a-box.org).
|
||||||
|
|
||||||
|
|
|
@ -52,6 +52,7 @@ OS_VER=$OS-$VERSION_ID
|
||||||
#"fedora-22" | \
|
#"fedora-22" | \
|
||||||
#"debian-8" | \
|
#"debian-8" | \
|
||||||
#"debian-9" | \
|
#"debian-9" | \
|
||||||
|
#"debian-10" | \
|
||||||
#"ubuntu-16" | \
|
#"ubuntu-16" | \
|
||||||
#"ubuntu-17" | \
|
#"ubuntu-17" | \
|
||||||
#"ubuntu-18" | \
|
#"ubuntu-18" | \
|
||||||
|
@ -60,23 +61,23 @@ OS_VER=$OS-$VERSION_ID
|
||||||
#"raspbian-8" | \
|
#"raspbian-8" | \
|
||||||
#"raspbian-9" | \
|
#"raspbian-9" | \
|
||||||
|
|
||||||
# 2020-10-21: Debian 11 (Bullseye) not yet supported but adding this line to
|
|
||||||
# its /etc/os-release can help testing this unreleased OS: VERSION_ID="11"
|
|
||||||
|
|
||||||
# 2021-06-19: Ubuntu 21.10 (Impish Indri) not yet supported but this
|
# 2021-06-19: Ubuntu 21.10 (Impish Indri) not yet supported but this
|
||||||
# unreleased OS can help testing. For now this means MANUALLY changing
|
# unreleased OS can help testing. For now this means MANUALLY changing
|
||||||
# php_version: 7.4 to 8.0 in /opt/iiab/iiab/vars/ubuntu-21.yml
|
# php_version: 7.4 to 8.0 in /opt/iiab/iiab/vars/ubuntu-21.yml
|
||||||
|
|
||||||
|
# 2020-07-31: Debian 12 (Bookworm) not yet supported but adding this line
|
||||||
|
# to its /etc/os-release can help testing this upcoming OS: VERSION_ID="12"
|
||||||
|
|
||||||
case $OS_VER in
|
case $OS_VER in
|
||||||
"debian-10" | \
|
|
||||||
"debian-11" | \
|
"debian-11" | \
|
||||||
|
"debian-12" | \
|
||||||
"ubuntu-20" | \
|
"ubuntu-20" | \
|
||||||
"ubuntu-21" | \
|
"ubuntu-21" | \
|
||||||
"linuxmint-20" | \
|
"linuxmint-20" | \
|
||||||
"raspbian-10" | \
|
"raspbian-10" | \
|
||||||
"raspbian-11")
|
"raspbian-11")
|
||||||
;;
|
;;
|
||||||
*) OS_VER="OS_not_supported"
|
*) OS_VER="OS Not Supported -- Plz Read: https://github.com/iiab/iiab/wiki/IIAB-Platforms"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
29
vars/debian-12.yml
Normal file
29
vars/debian-12.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
# Every is_<OS> var is initially set to 'False' at the bottom of
|
||||||
|
# /opt/iiab/iiab/vars/default_vars.yml -- these 'True' lines override that:
|
||||||
|
is_debuntu: True
|
||||||
|
is_debian: True # Opposite of is_ubuntu for now
|
||||||
|
is_debian_12: True
|
||||||
|
|
||||||
|
# 2019-01-31: These apply if-only-if named_install and/or dhcpd_install are True
|
||||||
|
# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
|
||||||
|
dns_service: bind9
|
||||||
|
dhcp_service: isc-dhcp-server
|
||||||
|
dns_user: bind
|
||||||
|
|
||||||
|
proxy: squid
|
||||||
|
proxy_user: proxy
|
||||||
|
apache_service: apache2
|
||||||
|
apache_conf_dir: apache2/sites-available
|
||||||
|
apache_user: www-data
|
||||||
|
apache_log_dir: /var/log/apache2
|
||||||
|
smb_service: smbd
|
||||||
|
nmb_service: nmbd
|
||||||
|
systemctl_program: /bin/systemctl
|
||||||
|
mysql_service: mariadb
|
||||||
|
apache_log: /var/log/apache2/access.log
|
||||||
|
sshd_package: openssh-server
|
||||||
|
sshd_service: ssh
|
||||||
|
php_version: 8.0
|
||||||
|
postgresql_version: 13
|
||||||
|
systemd_location: /lib/systemd/system
|
||||||
|
python_ver: 3.9
|
|
@ -716,6 +716,7 @@ is_linuxmint: False # Subset of is_ubuntu
|
||||||
is_linuxmint_20: False
|
is_linuxmint_20: False
|
||||||
|
|
||||||
is_debian: False # Covers both: Debian, Raspberry Pi OS (Raspbian)
|
is_debian: False # Covers both: Debian, Raspberry Pi OS (Raspbian)
|
||||||
|
is_debian_12: False
|
||||||
is_debian_11: False
|
is_debian_11: False
|
||||||
is_debian_10: False
|
is_debian_10: False
|
||||||
is_debian_9: False
|
is_debian_9: False
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue