mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
commit
d609aa6ac5
20 changed files with 122 additions and 106 deletions
|
@ -10,8 +10,8 @@
|
|||
password: "{{ dbpassword }}"
|
||||
priv: "{{ dbname }}.*:ALL"
|
||||
with_items:
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
# - 127.0.0.1
|
||||
# - ::1
|
||||
- localhost
|
||||
|
||||
- name: Create /tmp/elggdb.sql from template, to load database
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
# MySQL MANDATORY - THESE 2 VARS HAVE NO EFFECT - SEE roles/0-init/tasks/main.yml & roles/mysql/tasks/main.yml
|
||||
# mysql_install: True
|
||||
# mysql_enabled: True
|
||||
|
||||
## mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0
|
||||
# mysql_root_password: fixmysql
|
||||
|
||||
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
|
||||
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
|
|
@ -113,42 +113,31 @@
|
|||
owner: root
|
||||
mode: '0600'
|
||||
|
||||
# 'localhost' needs to be the last item for idempotency, see
|
||||
# http://ansible.cc/docs/modules.html#mysql-user
|
||||
# unfortunately it still doesn't work
|
||||
- name: Update MySQL root password for localhost root accounts
|
||||
mysql_user:
|
||||
name: root
|
||||
host: localhost
|
||||
password: "{{ mysql_root_password }}"
|
||||
priv: "*.*:ALL,GRANT"
|
||||
#- name: Remove the MySQL 'test' database
|
||||
# mysql_db:
|
||||
# db: test
|
||||
# state: absent
|
||||
|
||||
- name: Update MySQL root password for all remaining root accounts (127.0.0.1, ::1)
|
||||
mysql_user:
|
||||
name: root
|
||||
host: "{{ item }}"
|
||||
password: "{{ mysql_root_password }}"
|
||||
priv: "*.*:ALL,GRANT"
|
||||
with_items:
|
||||
#- "{{ iiab_hostname }}.{{ iiab_domain }}"
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
#- name: Delete anonymous MySQL server user for {{ ansible_hostname }}
|
||||
# mysql_user:
|
||||
# user: ""
|
||||
# host: "{{ ansible_hostname }}"
|
||||
# state: absent
|
||||
|
||||
- name: Delete anonymous MySQL server user for {{ ansible_hostname }}
|
||||
mysql_user:
|
||||
user: ""
|
||||
host: "{{ ansible_hostname }}"
|
||||
state: absent
|
||||
#- name: Delete anonymous MySQL server user for localhost
|
||||
# mysql_user:
|
||||
# user: ""
|
||||
# state: absent
|
||||
|
||||
- name: Delete anonymous MySQL server user for localhost
|
||||
mysql_user:
|
||||
user: ""
|
||||
state: absent
|
||||
|
||||
- name: Remove the MySQL 'test' database
|
||||
mysql_db:
|
||||
db: test
|
||||
state: absent
|
||||
#- name: Create MySQL root password for root accounts on (127.0.0.1, ::1)
|
||||
# mysql_user:
|
||||
# name: root
|
||||
# host: "{{ item }}"
|
||||
# password: "{{ mysql_root_password }}"
|
||||
# priv: "*.*:ALL,GRANT"
|
||||
# with_items:
|
||||
# - 127.0.0.1
|
||||
# - ::1
|
||||
|
||||
|
||||
# RECORD MySQL AS INSTALLED
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
[client]
|
||||
user=root
|
||||
password={{ mysql_root_password }}
|
||||
socket=/run/mysqld/mysqld.sock
|
||||
user = root
|
||||
password =
|
||||
socket = /run/mysqld/mysqld.sock
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
password: "{{ nextcloud_dbpassword }}"
|
||||
priv: "{{ nextcloud_dbname }}.*:ALL,GRANT"
|
||||
with_items:
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
# - 127.0.0.1
|
||||
# - ::1
|
||||
- localhost
|
||||
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX.
|
||||
|
||||
3. Current state of IIAB App/Service migrations as of 2020-05-21:
|
||||
3. Current state of IIAB App/Service migrations as of 2020-08-24:
|
||||
|
||||
1. These support "Native" NGINX but ***NOT*** Apache
|
||||
* Admin Console
|
||||
|
@ -45,8 +45,8 @@
|
|||
* kalite (menu goes directly to ports 8006-8008)
|
||||
* minetest [*]
|
||||
* openvpn
|
||||
* pbx [*]
|
||||
* pbx [*, requires Apache for now, as in Section 3.]
|
||||
* phpmyadmin [*, requires Apache for now, as in Section 3.]
|
||||
* transmission [*]
|
||||
|
||||
[*] The 6 above starred roles could use improvement, as of 2020-05-21.
|
||||
[*] The 6 above starred roles could use improvement, as of 2020-08-24.
|
||||
|
|
|
@ -6,10 +6,14 @@
|
|||
|
||||
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
|
||||
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
|
||||
#osm_map_url: https://github.com/iiab/maps/raw/master
|
||||
# for testing, use the new unpublished version of regions.json
|
||||
|
||||
# The following soft coded variables allow testing, before pulling PR's into master
|
||||
osm_repo_url: https://raw.githubusercontent.com/iiab/maps
|
||||
archive_org_url: https://archive.org/download
|
||||
satellite_version: satellite_z0-z9_v3.mbtiles
|
||||
#osm_repo_url: https://raw.githubusercontent.com/georgejhunt/maps
|
||||
maps_branch: 'master'
|
||||
#maps_branch: '7.2-maps'
|
||||
|
||||
# soft code sources
|
||||
archive_org_url: https://archive.org/download
|
||||
map_catalog_url: http://download.iiab.io/content/OSM/vector-tiles
|
||||
satellite_version: satellite_z0-z9_v3.mbtiles
|
||||
|
|
|
@ -49,13 +49,13 @@
|
|||
dest: "{{ vector_map_path }}/maplist/assets/regions.json"
|
||||
state: link
|
||||
|
||||
- name: Download the JavaScript bundle with OpenLayers (main.js) for test page http://box/maps/maplist
|
||||
- name: Download the JavaScript bundle with OpenLayers (test-page-bundle.js) for test page http://box/maps/maplist
|
||||
# At this point, fetches from github.com/georgejhunt/maps from test branch
|
||||
get_url:
|
||||
url: "{{ item }}"
|
||||
dest: '{{ vector_map_path }}/test-page/'
|
||||
with_items:
|
||||
- "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/main.js"
|
||||
- "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/test-page-bundle.js"
|
||||
- "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/test-page/build/index.html"
|
||||
|
||||
- name: Fetch the javascript bundle with openlayers for Viewer page
|
||||
|
@ -65,8 +65,8 @@
|
|||
dest: '{{ vector_map_path }}/viewer/'
|
||||
with_items:
|
||||
- index.html
|
||||
- main.js
|
||||
- main.js.map
|
||||
- viewer-bundle.js
|
||||
- viewer-bundle.js.map
|
||||
|
||||
- name: Get the helper files for viewer
|
||||
get_url:
|
||||
|
@ -74,7 +74,6 @@
|
|||
dest: '{{ vector_map_path }}/viewer/'
|
||||
with_items:
|
||||
- mbtileinfo.php
|
||||
- ol-contextmenu.css
|
||||
- popup.css
|
||||
- searchapi.php
|
||||
- tileserver.php
|
||||
|
@ -96,7 +95,7 @@
|
|||
dest: '{{ vector_map_path }}/installer/'
|
||||
with_items:
|
||||
- index.html
|
||||
- main.js
|
||||
- installer-bundle.js
|
||||
|
||||
- name: Fetch the action routines for installer
|
||||
get_url:
|
||||
|
@ -118,7 +117,8 @@
|
|||
- center.png
|
||||
- countries.json
|
||||
- fonts.css
|
||||
- ol5-layerswitcher.css
|
||||
- ol-layerswitcher.css
|
||||
- ol-contextmenu.css
|
||||
- pin_drop.png
|
||||
- sprite@2x.json
|
||||
- sprite@2x.png
|
||||
|
@ -170,7 +170,7 @@
|
|||
|
||||
- name: Copy a scripts to download tiles
|
||||
get_url:
|
||||
url: "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/viewer/{{ item }}"
|
||||
url: "{{ osm_repo_url }}/{{ maps_branch }}/osm-source/pages/viewer/scripts/{{ item }}"
|
||||
dest: /usr/bin/
|
||||
mode: 0755
|
||||
with_items:
|
||||
|
|
|
@ -2,13 +2,14 @@
|
|||
template:
|
||||
src: osm-vector-maps-nginx.conf.j2
|
||||
dest: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" # /etc/nginx/conf.d
|
||||
when: osm_vector_maps_enabled | bool
|
||||
when: osm_vector_maps_install | bool
|
||||
# Note that the above change from enabled->install is required by the OSM command line installer
|
||||
|
||||
- name: Disable http://box/maps & http://box/osm-vector-maps via NGINX, by removing {{ nginx_conf_dir }}/osm-vector-maps-nginx.conf
|
||||
file:
|
||||
path: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" # /etc/nginx/conf.d
|
||||
state: absent
|
||||
when: not osm_vector_maps_enabled
|
||||
when: not osm_vector_maps_install
|
||||
|
||||
- name: Reload 'nginx' systemd service
|
||||
systemd:
|
||||
|
|
|
@ -49,9 +49,9 @@
|
|||
name: "{{ asterisk_db_user }}"
|
||||
password: "{{ asterisk_db_password }}"
|
||||
priv: "{{ asterisk_db_dbname }}.*:ALL/{{ asterisk_db_cdrdbname }}.*:ALL"
|
||||
login_host: "{{ asterisk_db_host }}"
|
||||
login_user: "root"
|
||||
login_password: "{{ mysql_root_password }}"
|
||||
# login_host: "{{ asterisk_db_host }}"
|
||||
# login_user: "root"
|
||||
# login_password: "{{ mysql_root_password }}"
|
||||
host: "{{ (asterisk_db_host == 'localhost') | ternary('localhost', ansible_default_ipv4.address) }}"
|
||||
state: present
|
||||
|
||||
|
@ -60,9 +60,9 @@
|
|||
name: "{{ asterisk_db_dbname }}"
|
||||
encoding: utf8
|
||||
collation: utf8_general_ci
|
||||
login_host: "{{ asterisk_db_host }}"
|
||||
login_user: "root"
|
||||
login_password: "{{ mysql_root_password }}"
|
||||
# login_host: "{{ asterisk_db_host }}"
|
||||
# login_user: "root"
|
||||
# login_password: "{{ mysql_root_password }}"
|
||||
state: present
|
||||
|
||||
- name: FreePBX - Add cdr mysql db
|
||||
|
|
|
@ -1,13 +1,15 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint
|
||||
CURR_VER="undefined" # Ansible version you currently have installed
|
||||
GOOD_VER="2.9.6" # For XO laptops (pip install) & CentOS (yum install rpm)
|
||||
# On other OS's we attempt the latest from PPA, which might be more recent
|
||||
# On most/other OS's we install the latest (likely more recent!) from PPA:
|
||||
# https://launchpad.net/~ansible/+archive/ubuntu/ansible
|
||||
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
echo -e "\n\nYOU ARE RUNNING: /opt/iiab/iiab/scripts/ansible (TO INSTALL ANSIBLE)"
|
||||
echo -e 'Alternative: /opt/iiab/iiab/scripts/ansible-2.8.x ("Slow Food")\n'
|
||||
#echo -e 'Alternative: /opt/iiab/iiab/scripts/ansible-2.8.x ("Slow Food")\n'
|
||||
|
||||
echo -e "RECOMMENDED PREREQUISITES:"
|
||||
echo -e "(1) Verify you're online"
|
||||
|
@ -66,14 +68,14 @@ elif [ -f /etc/centos-release ]; then
|
|||
elif [ -f /etc/debian_version ]; then # Includes Debian, Ubuntu & Raspbian
|
||||
if ! grep -q focal /etc/os-release; then
|
||||
echo -e "\napt update; install dirmngr; PPA to /etc/apt/sources.list.d/iiab-ansible.list\n"
|
||||
apt update
|
||||
apt -y install dirmngr
|
||||
$APT_PATH/apt update
|
||||
$APT_PATH/apt -y install dirmngr
|
||||
#echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main" \
|
||||
# > /etc/apt/sources.list.d/iiab-ansible.list
|
||||
# > /etc/apt/sources.list.d/iiab-ansible.list
|
||||
|
||||
# 2020-08-20: TEMP WORKAROUND (REVERT TO ANSIBLE 2.9.6) MITIGATING #2481 (Ansible 2.9.12 and 2.10.0's 666-TO-600 file permissions problem). This installs 2.9.6-1ppa~disco onto RaspiOS, from https://launchpad.net/~ansible/+archive/ubuntu/ansible
|
||||
echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu disco main" \
|
||||
> /etc/apt/sources.list.d/iiab-ansible.list
|
||||
> /etc/apt/sources.list.d/iiab-ansible.list
|
||||
|
||||
echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
|
||||
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
|
||||
|
@ -94,8 +96,8 @@ elif [ -f /etc/debian_version ]; then # Includes Debian, Ubuntu & Raspbian
|
|||
fi
|
||||
echo -e "\napt update; apt install ansible and python3 dependencies explained at:"
|
||||
echo -e "https://github.com/iiab/iiab/tree/master/scripts/ansible.md\n"
|
||||
apt update
|
||||
apt -y --allow-downgrades install ansible python3-pymysql python3-psycopg2 \
|
||||
$APT_PATH/apt update
|
||||
$APT_PATH/apt -y --allow-downgrades install ansible python3-pymysql python3-psycopg2 \
|
||||
python3-passlib python3-pip python3-setuptools python3-venv virtualenv
|
||||
|
||||
echo -e "\nSUCCESS: verify Ansible using 'ansible --version' and/or 'apt -a list ansible'\n\n"
|
||||
|
|
|
@ -119,13 +119,13 @@ cat_file /etc/rpi-issue
|
|||
echo "-IIAB-EXPLANATION-OF-THE-ABOVE-------------------------------------------------" >> $outfile
|
||||
echo >> $outfile
|
||||
if [ -f /etc/rpi-issue ]; then
|
||||
echo "stage2 = Raspbian Lite" >> $outfile
|
||||
echo "stage4 = Raspbian With Desktop" >> $outfile
|
||||
echo "stage5 = Raspbian With Desktop + Recommended Software" >> $outfile
|
||||
echo "stage2 = Raspberry Pi OS Lite" >> $outfile
|
||||
echo "stage4 = Raspberry Pi OS with desktop" >> $outfile
|
||||
echo "stage5 = Raspberry Pi OS with desktop + recommended software" >> $outfile
|
||||
echo >> $outfile
|
||||
echo "SEE https://github.com/RPi-Distro/pi-gen#stage-anatomy" >> $outfile
|
||||
else
|
||||
echo "(This is NOT Raspbian!)" >> $outfile
|
||||
echo "(This is NOT Raspberry Pi OS!)" >> $outfile
|
||||
fi
|
||||
echo >> $outfile
|
||||
cat_file /etc/issue.net
|
||||
|
|
|
@ -22,24 +22,26 @@ DHCPCD_PATH=`which dhcpcd`
|
|||
NM_PATH=`which NetworkManager`
|
||||
|
||||
case $OS_VER in
|
||||
"fedora-18" | \
|
||||
"fedora-22" | \
|
||||
"debian-8" | \
|
||||
"debian-9" | \
|
||||
"debian-10" | \
|
||||
"ubuntu-16" | \
|
||||
"ubuntu-17" | \
|
||||
"ubuntu-18" | \
|
||||
"ubuntu-19" | \
|
||||
"ubuntu-20" | \
|
||||
"centos-7" | \
|
||||
"raspbian-8" | \
|
||||
"raspbian-9" | \
|
||||
"fedora-18" | \
|
||||
"fedora-22" | \
|
||||
"debian-8" | \
|
||||
"debian-9" | \
|
||||
"debian-10" | \
|
||||
"ubuntu-16" | \
|
||||
"ubuntu-17" | \
|
||||
"ubuntu-18" | \
|
||||
"ubuntu-19" | \
|
||||
"ubuntu-20" | \
|
||||
"linuxmint-20" | \
|
||||
"centos-7" | \
|
||||
"raspbian-8" | \
|
||||
"raspbian-9" | \
|
||||
"raspbian-10")
|
||||
;;
|
||||
*) OS_VER="OS_not_supported"
|
||||
;;
|
||||
;;
|
||||
*) OS_VER="OS_not_supported"
|
||||
;;
|
||||
esac
|
||||
|
||||
# get current version
|
||||
BRANCH=`git rev-parse --abbrev-ref HEAD`
|
||||
COMMIT=`git rev-parse --verify HEAD`
|
||||
|
@ -71,7 +73,7 @@ ANSIBLE_VERSION=$(ansible --version|head -n 1|cut -f 2 -d " ")
|
|||
if [ ! x$DHCPCD_PATH = x ]; then
|
||||
DHCPCD=`systemctl is-enabled dhcpcd`
|
||||
fi
|
||||
# the check is debian family only is_redhad would use NetworkManager as the
|
||||
# the check is debian family only is_redhat would use NetworkManager as the
|
||||
# service name.
|
||||
if [ ! x$NM_PATH = x ]; then
|
||||
NM=`systemctl is-enabled network-manager`
|
||||
|
|
|
@ -243,8 +243,6 @@ admin_console_enabled: True
|
|||
# MySQL MANDATORY - THESE 2 VARS HAVE NO EFFECT - SEE roles/0-init/tasks/main.yml & roles/mysql/tasks/main.yml
|
||||
mysql_install: True
|
||||
mysql_enabled: True
|
||||
# mysql_root_password: $6$iiab51$3ICIW0CLWxxMW2a3yrHZ38ukZItD5tcadL4rWcE9D.qIGStxhh8rRsaSxoj3b.MYxI/VRDNjpzSYK/V6zkWFI0
|
||||
mysql_root_password: fixmysql
|
||||
|
||||
# 2019-01-13: IIAB's use of NGINX is still evolving -- please review this
|
||||
# evolving doc: https://github.com/iiab/iiab/blob/master/roles/nginx/README.md
|
||||
|
|
29
vars/linuxmint-20.yml
Normal file
29
vars/linuxmint-20.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
is_debuntu: True
|
||||
is_ubuntu: True
|
||||
is_ubuntu_20: True
|
||||
|
||||
# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
|
||||
# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
|
||||
dns_service: bind9
|
||||
dns_user: bind
|
||||
dhcp_service: isc-dhcp-server
|
||||
|
||||
proxy: squid
|
||||
proxy_user: proxy
|
||||
apache_service: apache2
|
||||
apache_user: www-data
|
||||
apache_conf_dir: apache2/sites-available
|
||||
apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150
|
||||
apache_log_dir: /var/log/apache2
|
||||
smb_service: smbd
|
||||
nmb_service: nmbd
|
||||
systemctl_program: /bin/systemctl
|
||||
# issue raised
|
||||
mysql_service: mariadb
|
||||
apache_log: /var/log/apache2/access.log
|
||||
sshd_package: openssh-server
|
||||
sshd_service: ssh
|
||||
php_version: 7.4
|
||||
# "postgresql_version: 11.2" failed (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 19.04)
|
||||
postgresql_version: 12
|
||||
systemd_location: /lib/systemd/system
|
|
@ -297,7 +297,7 @@ moodle_enabled: True
|
|||
# Regional OSM vector maps use far less disk space than bitmap/raster versions.
|
||||
# Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
|
||||
osm_vector_maps_install: True
|
||||
osm_vector_maps_enabled: True
|
||||
osm_vector_maps_enabled: False
|
||||
|
||||
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
|
||||
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
|
||||
|
|
|
@ -297,7 +297,7 @@ moodle_enabled: False
|
|||
# Regional OSM vector maps use far less disk space than bitmap/raster versions.
|
||||
# Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
|
||||
osm_vector_maps_install: True
|
||||
osm_vector_maps_enabled: True
|
||||
osm_vector_maps_enabled: False
|
||||
|
||||
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
|
||||
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
|
||||
|
|
|
@ -297,7 +297,7 @@ moodle_enabled: False
|
|||
# Regional OSM vector maps use far less disk space than bitmap/raster versions.
|
||||
# Instructions: https://github.com/iiab/iiab/wiki/IIAB-Maps
|
||||
osm_vector_maps_install: True
|
||||
osm_vector_maps_enabled: True
|
||||
osm_vector_maps_enabled: False
|
||||
|
||||
# Might stall MongoDB on Power Failure: github.com/xsce/xsce/issues/879
|
||||
# Sugarizer 1.0.1+ strategies to solve? github.com/iiab/iiab/pull/957
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue