mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
cups/tasks/install.yml: Clarify explanations
This commit is contained in:
parent
7fccd87fed
commit
d0eb27f66c
1 changed files with 4 additions and 4 deletions
|
@ -35,7 +35,7 @@
|
|||
# 2021-07-12: lineinfile fails to insert the needed lines, as these same 2 lines
|
||||
# already appear throughout /etc/cups/cupsd.conf -- so we use blockinfile below.
|
||||
#
|
||||
# - name: Insert 2 lines into /etc/cups/cupsd.conf to LOCK DOWN URL'S LIKE http://box/print/admin -- REQUIRING '{{ iiab_admin_user }}' AND ITS LINUX PASSWORD (to avoid accidental damage to /etc/cups/cupsd.conf and other CUPS settings)
|
||||
# - name: Insert 2 lines into /etc/cups/cupsd.conf to LOCK DOWN URL'S LIKE http://localhost:631/admin -- REQUIRING '{{ iiab_admin_user }}' AND ITS LINUX PASSWORD (to avoid accidental damage to /etc/cups/cupsd.conf and other CUPS settings)
|
||||
# lineinfile:
|
||||
# path: /etc/cups/cupsd.conf
|
||||
# #regexp:
|
||||
|
@ -45,7 +45,7 @@
|
|||
# - " Require user @SYSTEM" # Will appear BELOW, in /etc/cups/cupsd.conf
|
||||
# - " AuthType Default" # Will appear ABOVE, in /etc/cups/cupsd.conf
|
||||
|
||||
- name: "CUPS web administration: Insert 2-line block into /etc/cups/cupsd.conf to LOCK DOWN URL'S LIKE http://box/print/admin TO LINUX GROUP 'lpadmin' -- to avoid accidental damage to /etc/cups/cupsd.conf and other CUPS settings. This uses 'SystemGroup lpadmin' in /etc/cups/cups-files.conf -- in coordination with ~14 -> ~15 '@SYSTEM' lines and 'DefaultAuthType Basic' in /etc/cups/cupsd.conf"
|
||||
- name: "CUPS web administration: Insert 2-line block into /etc/cups/cupsd.conf to LOCK DOWN URL'S LIKE http://localhost:631/admin TO LINUX GROUP 'lpadmin' -- to avoid accidental damage to /etc/cups/cupsd.conf and other CUPS settings. This uses 'SystemGroup lpadmin' in /etc/cups/cups-files.conf -- in coordination with ~14 -> ~15 '@SYSTEM' lines and 'DefaultAuthType Basic' in /etc/cups/cupsd.conf"
|
||||
blockinfile:
|
||||
path: /etc/cups/cupsd.conf
|
||||
insertafter: '^<Location /admin>$'
|
||||
|
@ -76,14 +76,14 @@
|
|||
name: cups
|
||||
state: started
|
||||
|
||||
# - name: Run 'cupsctl --remote-admin --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf
|
||||
# - name: "Authorize Nearby IP Addresses: Run 'cupsctl --remote-admin --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
|
||||
# command: cupsctl --remote-admin --share-printers --user-cancel-any
|
||||
|
||||
# 2021-07-11: BOTH FLAGS *CANNOT* BE USED TOGETHER -- CHOOSE ONE OR THE OTHER:
|
||||
# (1) '--remote-admin' AS ABOVE, OR (2) '--remote-any' AS BELOW.
|
||||
# (RUN 'cupsctl' WITHOUT PARAMETERS TO CONFIRM THIS!)
|
||||
|
||||
- name: Run 'cupsctl --remote-any --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 AND http://10.8.0.y:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf
|
||||
- name: "Authorize All IP Addresses: Run 'cupsctl --remote-any --share-printers --user-cancel-any' to enable http://192.168.0.x:631 AND http://172.18.96.1:631 AND http://10.8.0.y:631 (if cups_enabled) -- REPEATED USE OF 'cupsctl' COMMANDS CAN *DAMAGE* /etc/cups/cupsd.conf BY ADDING DUPLICATE LINES (AND WORSE!) -- SO PLEASE ALSO MANUALLY RUN 'sudo cupsctl' AND 'sudo cupsd -t' TO VERIFY /etc/cups/cupsd.conf"
|
||||
command: cupsctl --remote-any --share-printers --user-cancel-any
|
||||
|
||||
# 2021-07-11: In theory 'cupsctl' stanzas could be put in enable-or-disable.yml
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue