Merge pull request #414 from iiab/master

Sync from iiab:master
2025-03-09 15:40:17 +00:00 · 2020-08-25 11:02:34 -04:00 · 2020-08-25 11:02:34 -04:00 · d609aa6ac5
commit d609aa6ac5
parent 4e02a7ccdd 800f3d30ec
20 changed files with 122 additions and 106 deletions
--- a/roles/elgg/tasks/setup.yml
+++ b/roles/elgg/tasks/setup.yml
@ -10,8 +10,8 @@
    password: "{{ dbpassword }}"
    priv: "{{ dbname }}.*:ALL"
  with_items:
-    - 127.0.0.1
-    - ::1
+#    - 127.0.0.1
+#    - ::1
    - localhost

 - name: Create /tmp/elggdb.sql from template, to load database
--- a/roles/mysql/defaults/main.yml
+++ b/roles/mysql/defaults/main.yml
@ -1,9 +0,0 @@
-# MySQL MANDATORY - THESE 2 VARS HAVE NO EFFECT - SEE roles/0-init/tasks/main.yml & roles/mysql/tasks/main.yml
-# mysql_install: True
-# mysql_enabled: True
-
-## mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0
-# mysql_root_password: fixmysql
-
-# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
-# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
--- a/roles/mysql/tasks/install.yml
+++ b/roles/mysql/tasks/install.yml
@ -113,42 +113,31 @@
    owner: root
    mode: '0600'

-# 'localhost' needs to be the last item for idempotency, see
-# http://ansible.cc/docs/modules.html#mysql-user
-# unfortunately it still doesn't work
- name: Update MySQL root password for localhost root accounts
-  mysql_user:
-    name: root
-    host: localhost
-    password: "{{ mysql_root_password }}"
-    priv: "*.*:ALL,GRANT"
+#- name: Remove the MySQL 'test' database
+#  mysql_db:
+#    db: test
+#    state: absent

- name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1)
-  mysql_user:
-    name: root
-    host: "{{ item }}"
-    password: "{{ mysql_root_password }}"
-    priv: "*.*:ALL,GRANT"
-  with_items:
-    #- "{{ iiab_hostname }}.{{ iiab_domain }}"
-    - 127.0.0.1
-    - ::1
+#- name: Delete anonymous MySQL server user for {{ ansible_hostname }}
+#  mysql_user:
+#    user: ""
+#    host: "{{ ansible_hostname }}"
+#    state: absent

- name: Delete anonymous MySQL server user for {{ ansible_hostname }}
-  mysql_user:
-    user: ""
-    host: "{{ ansible_hostname }}"
-    state: absent
+#- name: Delete anonymous MySQL server user for localhost
+#  mysql_user:
+#    user: ""
+#    state: absent

- name: Delete anonymous MySQL server user for localhost
-  mysql_user:
-    user: ""
-    state: absent
-
- name: Remove the MySQL 'test' database
-  mysql_db:
-    db: test
-    state: absent
+#- name: Create MySQL root password for root accounts on (127.0.0.1, ::1)
+#  mysql_user:
+#    name: root
+#    host: "{{ item }}"
+#    password: "{{ mysql_root_password }}"
+#    priv: "*.*:ALL,GRANT"
+#  with_items:
+#    - 127.0.0.1
+#    - ::1


 # RECORD MySQL AS INSTALLED
--- a/roles/mysql/templates/my.cnf.j2
+++ b/roles/mysql/templates/my.cnf.j2
@ -1,4 +1,4 @@
 [client]
-user=root
-password={{ mysql_root_password }}
-socket=/run/mysqld/mysqld.sock
+user     = root
+password =
+socket   = /run/mysqld/mysqld.sock
--- a/roles/nextcloud/tasks/setup.yml
+++ b/roles/nextcloud/tasks/setup.yml
@ -9,8 +9,8 @@
    password: "{{ nextcloud_dbpassword }}"
    priv: "{{ nextcloud_dbname }}.*:ALL,GRANT"
  with_items:
-    - 127.0.0.1
-    - ::1
+#    - 127.0.0.1
+#    - ::1
    - localhost


--- a/roles/nginx/README.md
+++ b/roles/nginx/README.md
@ -10,7 +10,7 @@

 2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX.

-3. Current state of IIAB App/Service migrations as of 2020-05-21:
+3. Current state of IIAB App/Service migrations as of 2020-08-24:

   1. These support "Native" NGINX but ***NOT*** Apache
      * Admin Console
@ -45,8 +45,8 @@
      * kalite (menu goes directly to ports 8006-8008)
      * minetest [*]
      * openvpn
-      * pbx [*]
+      * pbx [*, requires Apache for now, as in Section 3.]
      * phpmyadmin [*, requires Apache for now, as in Section 3.]
      * transmission [*]

-[*] The 6 above starred roles could use improvement, as of 2020-05-21.
+[*] The 6 above starred roles could use improvement, as of 2020-08-24.
--- a/roles/osm-vector-maps/defaults/main.yml
+++ b/roles/osm-vector-maps/defaults/main.yml
@ -6,10 +6,14 @@

 # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
-#osm_map_url: https://github.com/iiab/maps/raw/master
-# for testing, use the new unpublished version of regions.json
+
+# The following soft coded variables allow testing, before pulling PR's into master
 osm_repo_url: https://raw.githubusercontent.com/iiab/maps
-archive_org_url: https://archive.org/download
-satellite_version: satellite_z0-z9_v3.mbtiles
+#osm_repo_url: https://raw.githubusercontent.com/georgejhunt/maps
 maps_branch: 'master'
+#maps_branch: '7.2-maps'
+
+# soft code sources
+archive_org_url: https://archive.org/download
 map_catalog_url: http://download.iiab.io/content/OSM/vector-tiles
+satellite_version: satellite_z0-z9_v3.mbtiles
--- a/roles/osm-vector-maps/tasks/install.yml
+++ b/roles/osm-vector-maps/tasks/install.yml
@ -49,13 +49,13 @@
    dest: "{{ vector_map_path }}/maplist/assets/regions.json"
    state: link

- name: Download the JavaScript bundle with OpenLayers (main.js) for test page http://box/maps/maplist
+- name: Download the JavaScript bundle with OpenLayers (test-page-bundle.js) for test page http://box/maps/maplist
 # At this point, fetches from github.com/georgejhunt/maps from test branch
  get_url:
    url: "{{ item }}"
    dest: '{{ vector_map_path }}/test-page/'
  with_items:
-    - "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/main.js"
+    - "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/test-page-bundle.js"
    - "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/index.html"

 - name: Fetch the javascript bundle with openlayers for Viewer page
@ -65,8 +65,8 @@
     dest: '{{ vector_map_path }}/viewer/'
  with_items:
      - index.html
-      - main.js
-      - main.js.map
+      - viewer-bundle.js
+      - viewer-bundle.js.map

 - name: Get the helper files for viewer
  get_url:
@ -74,7 +74,6 @@
     dest: '{{ vector_map_path }}/viewer/'
  with_items:
      - mbtileinfo.php
-      - ol-contextmenu.css
      - popup.css
      - searchapi.php
      - tileserver.php
@ -96,7 +95,7 @@
    dest: '{{ vector_map_path }}/installer/'
  with_items:
      - index.html
-      - main.js
+      - installer-bundle.js

 - name: Fetch the action routines for installer
  get_url:
@ -118,7 +117,8 @@
      - center.png
      - countries.json
      - fonts.css
-      - ol5-layerswitcher.css
+      - ol-layerswitcher.css
+      - ol-contextmenu.css
      - pin_drop.png
      - sprite@2x.json
      - sprite@2x.png
@ -170,7 +170,7 @@

 - name: Copy a scripts to download tiles
  get_url:
-      url: "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/viewer/{{ item }}"
+      url: "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/viewer/scripts/{{ item }}"
      dest: /usr/bin/
      mode: 0755
  with_items:
--- a/roles/osm-vector-maps/tasks/nginx.yml
+++ b/roles/osm-vector-maps/tasks/nginx.yml
@ -2,13 +2,14 @@
  template:
    src: osm-vector-maps-nginx.conf.j2
    dest: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf"    # /etc/nginx/conf.d
-  when: osm_vector_maps_enabled | bool
+  when: osm_vector_maps_install | bool
+# Note that the above change from enabled->install is required by the OSM command line installer

 - name: Disable http://box/maps & http://box/osm-vector-maps via NGINX, by removing {{ nginx_conf_dir }}/osm-vector-maps-nginx.conf
  file:
    path: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf"    # /etc/nginx/conf.d
    state: absent
-  when: not osm_vector_maps_enabled
+  when: not osm_vector_maps_install

 - name: Reload 'nginx' systemd service
  systemd:
--- a/roles/pbx/tasks/freepbx.yml
+++ b/roles/pbx/tasks/freepbx.yml
@ -49,9 +49,9 @@
    name: "{{ asterisk_db_user }}"
    password: "{{ asterisk_db_password }}"
    priv: "{{ asterisk_db_dbname }}.*:ALL/{{ asterisk_db_cdrdbname }}.*:ALL"
-    login_host: "{{ asterisk_db_host }}"
-    login_user: "root"
-    login_password: "{{ mysql_root_password }}"
+#    login_host: "{{ asterisk_db_host }}"
+#    login_user: "root"
+#    login_password: "{{ mysql_root_password }}"
    host: "{{ (asterisk_db_host == 'localhost') | ternary('localhost', ansible_default_ipv4.address) }}"
    state: present

@ -60,9 +60,9 @@
    name: "{{ asterisk_db_dbname }}"
    encoding: utf8
    collation: utf8_general_ci
-    login_host: "{{ asterisk_db_host }}"
-    login_user: "root"
-    login_password: "{{ mysql_root_password }}"
+#    login_host: "{{ asterisk_db_host }}"
+#    login_user: "root"
+#    login_password: "{{ mysql_root_password }}"
    state: present

 - name: FreePBX - Add cdr mysql db
--- a/scripts/ansible
+++ b/scripts/ansible
@ -1,13 +1,15 @@
 #!/bin/bash -e

+APT_PATH=/usr/bin    # Avoids problematic /usr/local/bin/apt on Linux Mint
 CURR_VER="undefined"    # Ansible version you currently have installed
 GOOD_VER="2.9.6"    # For XO laptops (pip install) & CentOS (yum install rpm)
-# On other OS's we attempt the latest from PPA, which might be more recent
+# On most/other OS's we install the latest (likely more recent!) from PPA:
+# https://launchpad.net/~ansible/+archive/ubuntu/ansible

 export DEBIAN_FRONTEND=noninteractive

 echo -e "\n\nYOU ARE RUNNING: /opt/iiab/iiab/scripts/ansible (TO INSTALL ANSIBLE)"
-echo -e 'Alternative:     /opt/iiab/iiab/scripts/ansible-2.8.x ("Slow Food")\n'
+#echo -e 'Alternative:     /opt/iiab/iiab/scripts/ansible-2.8.x ("Slow Food")\n'

 echo -e "RECOMMENDED PREREQUISITES:"
 echo -e "(1) Verify you're online"
@ -66,14 +68,14 @@ elif [ -f /etc/centos-release ]; then
 elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
    if ! grep -q focal /etc/os-release; then
        echo -e "\napt update; install dirmngr; PPA to /etc/apt/sources.list.d/iiab-ansible.list\n"
-        apt update
-        apt -y install dirmngr
+        $APT_PATH/apt update
+        $APT_PATH/apt -y install dirmngr
        #echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main" \
-        # > /etc/apt/sources.list.d/iiab-ansible.list
+        #    > /etc/apt/sources.list.d/iiab-ansible.list

        # 2020-08-20: TEMP WORKAROUND (REVERT TO ANSIBLE 2.9.6) MITIGATING #2481 (Ansible 2.9.12 and 2.10.0's 666-TO-600 file permissions problem). This installs 2.9.6-1ppa~disco onto RaspiOS, from https://launchpad.net/~ansible/+archive/ubuntu/ansible
        echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu disco main" \
-         > /etc/apt/sources.list.d/iiab-ansible.list
+            > /etc/apt/sources.list.d/iiab-ansible.list

        echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
        apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
@ -94,8 +96,8 @@ elif [ -f /etc/debian_version ]; then    # Includes Debian, Ubuntu & Raspbian
    fi
    echo -e "\napt update; apt install ansible and python3 dependencies explained at:"
    echo -e "https://github.com/iiab/iiab/tree/master/scripts/ansible.md\n"
-    apt update
-    apt -y --allow-downgrades install ansible python3-pymysql python3-psycopg2 \
+    $APT_PATH/apt update
+    $APT_PATH/apt -y --allow-downgrades install ansible python3-pymysql python3-psycopg2 \
        python3-passlib python3-pip python3-setuptools python3-venv virtualenv

    echo -e "\nSUCCESS: verify Ansible using 'ansible --version' and/or 'apt -a list ansible'\n\n"
--- a/scripts/ansible-2.8.x.deprecated
+++ b/scripts/ansible-2.8.x.deprecated
--- a/scripts/ansible-2.9.x.deprecated
+++ b/scripts/ansible-2.9.x.deprecated
--- a/scripts/iiab-diagnostics
+++ b/scripts/iiab-diagnostics
@ -119,13 +119,13 @@ cat_file /etc/rpi-issue
 echo "-IIAB-EXPLANATION-OF-THE-ABOVE-------------------------------------------------" >> $outfile
 echo >> $outfile
 if [ -f /etc/rpi-issue ]; then
-    echo "stage2 = Raspbian Lite" >> $outfile
-    echo "stage4 = Raspbian With Desktop" >> $outfile
-    echo "stage5 = Raspbian With Desktop + Recommended Software" >> $outfile
+    echo "stage2 = Raspberry Pi OS Lite" >> $outfile
+    echo "stage4 = Raspberry Pi OS with desktop" >> $outfile
+    echo "stage5 = Raspberry Pi OS with desktop + recommended software" >> $outfile
    echo >> $outfile
    echo "SEE https://github.com/RPi-Distro/pi-gen#stage-anatomy" >> $outfile
 else
-    echo "(This is NOT Raspbian!)" >> $outfile
+    echo "(This is NOT Raspberry Pi OS!)" >> $outfile
 fi
 echo >> $outfile
 cat_file /etc/issue.net
--- a/scripts/local_facts.fact
+++ b/scripts/local_facts.fact
@ -22,24 +22,26 @@ DHCPCD_PATH=`which dhcpcd`
 NM_PATH=`which NetworkManager`

 case $OS_VER in
-    "fedora-18"  | \
-    "fedora-22"  | \
-    "debian-8"   | \
-    "debian-9"   | \
-    "debian-10"  | \
-    "ubuntu-16"  | \
-    "ubuntu-17"  | \
-    "ubuntu-18"  | \
-    "ubuntu-19"  | \
-    "ubuntu-20"  | \
-    "centos-7"   | \
-    "raspbian-8" | \
-    "raspbian-9" | \
+    "fedora-18"    | \
+    "fedora-22"    | \
+    "debian-8"     | \
+    "debian-9"     | \
+    "debian-10"    | \
+    "ubuntu-16"    | \
+    "ubuntu-17"    | \
+    "ubuntu-18"    | \
+    "ubuntu-19"    | \
+    "ubuntu-20"    | \
+    "linuxmint-20" | \
+    "centos-7"     | \
+    "raspbian-8"   | \
+    "raspbian-9"   | \
    "raspbian-10")
-        ;;
-    *)	OS_VER="OS_not_supported"
-        ;;
+       ;;
+    *) OS_VER="OS_not_supported"
+       ;;
 esac
+
 # get current version
 BRANCH=`git rev-parse --abbrev-ref HEAD`
 COMMIT=`git rev-parse --verify HEAD`
@ -71,7 +73,7 @@ ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ")
 if [ ! x$DHCPCD_PATH = x ]; then
    DHCPCD=`systemctl is-enabled dhcpcd`
 fi
-# the check is debian family only is_redhad would use NetworkManager as the
+# the check is debian family only is_redhat would use NetworkManager as the
 # service name.
 if [ ! x$NM_PATH = x ]; then
    NM=`systemctl is-enabled network-manager`
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@ -243,8 +243,6 @@ admin_console_enabled: True
 # MySQL MANDATORY - THESE 2 VARS HAVE NO EFFECT - SEE roles/0-init/tasks/main.yml & roles/mysql/tasks/main.yml
 mysql_install: True
 mysql_enabled: True
-# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0
-mysql_root_password: fixmysql

 # 2019-01-13: IIAB's use of NGINX is still evolving -- please review this
 # evolving doc: https://github.com/iiab/iiab/blob/master/roles/nginx/README.md
--- a/vars/linuxmint-20.yml
+++ b/vars/linuxmint-20.yml
@ -0,0 +1,29 @@
+is_debuntu: True
+is_ubuntu: True
+is_ubuntu_20: True
+
+# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
+# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
+dns_service: bind9
+dns_user: bind
+dhcp_service: isc-dhcp-server
+
+proxy: squid
+proxy_user: proxy
+apache_service: apache2
+apache_user: www-data
+apache_conf_dir: apache2/sites-available
+apache_config_dir: "{{ apache_conf_dir }}"    # for iiab-admin-console/roles/console/tasks/main.yml Line 150
+apache_log_dir: /var/log/apache2
+smb_service: smbd
+nmb_service: nmbd
+systemctl_program: /bin/systemctl
+# issue raised 
+mysql_service: mariadb
+apache_log: /var/log/apache2/access.log
+sshd_package: openssh-server
+sshd_service: ssh
+php_version: 7.4
+# "postgresql_version: 11.2" failed (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 19.04)
+postgresql_version: 12
+systemd_location: /lib/systemd/system
--- a/vars/local_vars_big.yml
+++ b/vars/local_vars_big.yml
@ -297,7 +297,7 @@ moodle_enabled: True
 # Regional OSM vector maps use far less disk space than bitmap/raster versions.
 # Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
 osm_vector_maps_install: True
-osm_vector_maps_enabled: True
+osm_vector_maps_enabled: False

 # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
--- a/vars/local_vars_medium.yml
+++ b/vars/local_vars_medium.yml
@ -297,7 +297,7 @@ moodle_enabled: False
 # Regional OSM vector maps use far less disk space than bitmap/raster versions.
 # Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
 osm_vector_maps_install: True
-osm_vector_maps_enabled: True
+osm_vector_maps_enabled: False

 # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
--- a/vars/local_vars_min.yml
+++ b/vars/local_vars_min.yml
@ -297,7 +297,7 @@ moodle_enabled: False
 # Regional OSM vector maps use far less disk space than bitmap/raster versions.
 # Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
 osm_vector_maps_install: True
-osm_vector_maps_enabled: True
+osm_vector_maps_enabled: False

 # Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
 # Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957