diff --git a/roles/0-init/tasks/iiab_ini.yml b/roles/0-init/tasks/iiab_ini.yml index 346eab369..2ef441aa5 100644 --- a/roles/0-init/tasks/iiab_ini.yml +++ b/roles/0-init/tasks/iiab_ini.yml @@ -9,7 +9,7 @@ path: "{{ iiab_ini_file }}" section: location option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: iiab_base value: "{{ iiab_base }}" @@ -21,7 +21,7 @@ path: "{{ iiab_ini_file }}" section: version option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: distribution value: "{{ ansible_distribution }}" diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 8cfed2864..79b09ae92 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -189,7 +189,7 @@ dest: "{{ iiab_ini_file }}" section: runtime option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: iiab_stage value: "{{ iiab_stage }}" @@ -237,7 +237,7 @@ dest: "{{ iiab_ini_file }}" section: runtime option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: is_VM value: "yes" diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index b768250c1..fa9420908 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -20,76 +20,70 @@ - include_tasks: xo.yml when: xo_model != "none" or osbuilder is defined -# the following installs common packages for both debian and fedora - include_tasks: packages.yml - - include_tasks: iptables.yml - sysctl: name: net.ipv4.ip_forward - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.conf.default.rp_filter - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.conf.default.accept_source_route - value: 0 + value: '0' state: present - sysctl: name: kernel.sysrq - value: 1 + value: '1' state: present - sysctl: name: kernel.core_uses_pid - value: 1 + value: '1' state: present - sysctl: name: net.ipv4.tcp_syncookies - value: 1 + value: '1' state: present - sysctl: name: kernel.shmmax - value: 268435456 + value: '268435456' state: present # IPv6 disabled - sysctl: name: net.ipv6.conf.all.disable_ipv6 - value: 1 + value: '1' state: present - sysctl: name: net.ipv6.conf.default.disable_ipv6 - value: 1 + value: '1' state: present - sysctl: name: net.ipv6.conf.lo.disable_ipv6 - value: 1 + value: '1' state: present -- name: Install custom /etc/profile.d/zzz_iiab.sh from template +- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH template: dest: /etc/profile.d/zzz_iiab.sh src: zzz_iiab.sh - owner: root - mode: 0644 - backup: no - include_tasks: net_mods.yml when: not is_debuntu and not is_F18 - include_tasks: udev.yml - - include_tasks: iiab-startup.yml - name: Recording STAGE 2 HAS COMPLETED ========================== diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index c9fb0d8ea..299f3d0db 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -60,9 +60,9 @@ dest: /etc/NetworkManager/system-connections/"Sugar Modem Connection" section: ppp option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value }}" # "{{ item.value | string }}" not nec, as they're already strings. backup: yes - mode: 0600 + mode: '0600' with_items: - { option: 'lcp-echo-failure', value: '5' } - { option: 'lcp-echo-interval', value: '30' } diff --git a/roles/activity-server/tasks/main.yml b/roles/activity-server/tasks/main.yml index de164d6ec..6ba6e798a 100644 --- a/roles/activity-server/tasks/main.yml +++ b/roles/activity-server/tasks/main.yml @@ -122,7 +122,7 @@ path: "{{ iiab_ini_file }}" section: activity-server option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: "Activity Server" diff --git a/roles/ajenti/tasks/main.yml b/roles/ajenti/tasks/main.yml index e33b40e65..9dd6def11 100644 --- a/roles/ajenti/tasks/main.yml +++ b/roles/ajenti/tasks/main.yml @@ -52,7 +52,7 @@ path: "{{ iiab_ini_file }}" section: ajenti option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: ajenti diff --git a/roles/authserver/tasks/main.yml b/roles/authserver/tasks/main.yml index ea188e976..6742c9d4e 100644 --- a/roles/authserver/tasks/main.yml +++ b/roles/authserver/tasks/main.yml @@ -55,7 +55,7 @@ path: "{{ iiab_ini_file }}" section: authserver option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: XS-authserver diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index a80db27db..8a4529597 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -1,52 +1,49 @@ -- name: Create symlink awstats.conf from sites-enabled to sites-available (Apache) - file: - src: /etc/apache2/sites-available/awstats.conf - path: /etc/apache2/sites-enabled/awstats.conf - state: link - when: awstats_enabled and not nginx_enabled +# Apache -- name: Remove symlink from sites-enabled, to disable AWStats (Apache) - file: - path: /etc/apache2/sites-enabled/awstats.conf - state: absent - when: not awstats_enabled or nginx_enabled +- name: Enable http://box/awstats and/or http://box/awstats/awstats.pl via Apache + command: a2ensite awstats.conf + when: apache_install and awstats_enabled -- name: Install nginx's files from template +- name: Disable http://box/awstats and/or http://box/awstats/awstats.pl via Apache + command: a2dissite awstats.conf + when: apache_install and not awstats_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted + when: apache_enabled | bool + +# NGINX + +- name: Enable http://box/awstats via NGINX, by installing /etc/nginx/cgi-bin.php & {{ nginx_config_dir }}/awstats-nginx.conf from template template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 with_items: - - { src: "awstats-nginx.conf", dest: "/etc/nginx/conf.d/" } - - { src: "cgi-bin.php", dest: "/etc/nginx/" } - when: awstats_enabled and nginx_enabled + - { src: "awstats-nginx.conf", dest: "{{ nginx_config_dir }}/" } + - { src: "cgi-bin.php", dest: "/etc/nginx/" } + when: nginx_install and awstats_enabled -- name: Remove /etc/nginx/conf.d/awstats-nginx.conf +- name: Disable http://box/awstats_url via NGINX, by removing {{ nginx_config_dir }}/awstats-nginx.conf file: - path: /etc/nginx/conf.d/awstats-nginx.conf + path: "{{ nginx_config_dir }}/awstats-nginx.conf" state: absent - when: not awstats_enabled + when: nginx_install and not awstats_enabled -- name: Restart Apache service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - state: restarted - when: awstats_enabled and not nginx_enabled - -- name: Restart nginx service +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted - when: awstats_enabled and nginx_enabled + when: nginx_enabled | bool + - name: Add 'awstats' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: awstats option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: AWStats diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index ca62368e0..6a19e4ae6 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -5,57 +5,42 @@ - pwauth - openssl state: present - tags: - - download -- name: 'Install 2 packages: apache2-utils, libapache2-mod-authnz-external (debuntu)' +- name: 'Install 2 packages: apache2-utils, libapache2-mod-authnz-external' package: name: - libapache2-mod-authnz-external - apache2-utils state: present - when: is_debuntu | bool - tags: - - download -- name: Enable cgi execution (debuntu) +- name: Enable cgi execution via Apache command: a2enmod cgi - when: is_debuntu | bool - name: 'Mandate {{ apache_user }}:{{ apache_user }} perm 0750 dirs: {{ awstats_data_dir }} (intermediate summary storage) & {{ apache_log_dir }}' # /library/awstats & /var/log/apache2 typically file: path: "{{ item }}" - mode: 0750 owner: "{{ apache_user }}" group: "{{ apache_user }}" + mode: '0750' state: directory recurse: yes force: yes with_items: - "{{ awstats_data_dir }}" - "{{ apache_log_dir }}" - - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats + - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats -- name: Install Apache's awstats.conf from template (debuntu) +- name: Install /etc/{{ apache_config_dir }}/awstats.conf from template template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: 0644 - with_items: -# - { src: "awstats-nginx.conf", dest: "/etc/nginx/conf.d/" } -# - { src: "cgi-bin.php", dest: "/etc/nginx/" } - - { src: "apache-awstats.conf", dest: "/etc/{{ apache_config_dir }}/awstats.conf" } - when: awstats_enabled and is_debuntu + src: apache-awstats.conf + dest: "/etc/{{ apache_config_dir }}/awstats.conf" -- name: Ensure logrotate doesn't make logs unreadable (debuntu) +- name: Install /etc/logrotate.d/apache2 from template, to ensure logrotate doesn't make logs unreadable template: src: logrotate.d.apache2 dest: /etc/logrotate.d/apache2 - when: is_debuntu | bool -- name: Check if package installed /etc/awstats/awstats.conf +- name: Does /etc/awstats/awstats.conf exist? stat: path: /etc/awstats/awstats.conf register: awstats @@ -64,37 +49,34 @@ command: mv /etc/awstats/awstats.conf /etc/awstats/awstats.conf.dist when: awstats.stat.islnk is defined and not awstats.stat.islnk -- name: Create symlink for awstats.pl from cgi-bin/awstats/awstats.pl to ../ so that the old apache links to awstats will work after change to nginx +- name: Symlink /usr/lib/cgi-bin/awstats/awstats.pl -> /usr/lib/cgi-bin/awstats.pl so old Apache links to awstats will work after change to NGINX file: src: /usr/lib/cgi-bin/awstats.pl path: /usr/lib/cgi-bin/awstats/awstats.pl state: link -- name: Install /etc/awstats/awstats.schoolserver.conf +- name: Install /etc/awstats/awstats.schoolserver.conf from template template: src: awstats.schoolserver.conf.j2 dest: /etc/awstats/awstats.schoolserver.conf - owner: root - group: root - mode: 0644 - when: awstats_enabled | bool + # when: awstats_enabled | bool -- name: Create a symlink /etc/awstats/awstats.conf for access by IP address +- name: Symlink /etc/awstats/awstats.conf -> /etc/awstats/awstats.schoolserver.conf for access by IP address file: src: /etc/awstats/awstats.schoolserver.conf path: /etc/awstats/awstats.conf state: link - when: awstats_enabled | bool + # when: awstats_enabled | bool -- name: On first enabling of AWStats, summarize httpd logs up to now (OS's other than debuntu) - shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update - when: awstats_enabled and not is_debuntu +# - name: On first enabling of AWStats, summarize httpd logs up to now (OS's other than debuntu) +# shell: /bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=schoolserver -update +# when: awstats_enabled and not is_debuntu -- name: On first enabling of AWStats, summarize httpd logs up to now (debuntu) +- name: On first enabling of AWStats, summarize httpd logs up to now shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update - when: awstats_enabled and is_debuntu + # when: awstats_enabled | bool -- name: Add 'awstats_installed' variable values to {{ iiab_state_file }} +- name: "Add 'awstats_installed: True' to {{ iiab_state_file }}" # /etc/iiab/iiab_state.yml lineinfile: dest: "{{ iiab_state_file }}" regexp: '^awstats_installed' diff --git a/roles/awstats/templates/cron.d.awstats b/roles/awstats/templates/cron.d.awstats.deprecated similarity index 100% rename from roles/awstats/templates/cron.d.awstats rename to roles/awstats/templates/cron.d.awstats.deprecated diff --git a/roles/bluetooth/tasks/enable.yml b/roles/bluetooth/tasks/enable.yml index 9696cdcb3..afb3edf3b 100644 --- a/roles/bluetooth/tasks/enable.yml +++ b/roles/bluetooth/tasks/enable.yml @@ -61,7 +61,7 @@ path: "{{ iiab_ini_file }}" section: bluetooth option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Bluetooth diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 244c8b942..af38393c7 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -6,61 +6,62 @@ state: restarted when: calibreweb_enabled | bool -# Default: http://box/books -# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy -- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache - command: a2ensite calibre-web.conf - when: calibreweb_enabled | bool - -#- name: Restart Apache after enabling calibre-web httpd2 site -# command: apachectl -k graceful -# when: calibreweb_enabled | bool - -- name: Disable 'calibre-web' systemd service +- name: Disable & Stop 'calibre-web' systemd service systemd: name: calibre-web - daemon_reload: yes enabled: no state: stopped when: not calibreweb_enabled -- name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} with Apache +# SEE ALSO: https://github.com/janeczku/calibre-web/wiki/Setup-Reverse-Proxy + +# Apache + +# i.e. http://box/books, http://box/libros, http://box/livres + +- name: Enable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} via Apache + command: a2ensite calibre-web.conf + when: apache_install and calibreweb_enabled + +- name: Disable http://box{{ calibreweb_url1 }}, http://box{{ calibreweb_url2 }}, http://box{{ calibreweb_url3 }} via Apache command: a2dissite calibre-web.conf - when: not calibreweb_enabled or nginx_enabled | bool - -#- name: Restart Apache after disabling calibre-web httpd2 site -# command: apachectl -k graceful -# when: not calibreweb_enabled - -- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'calibre-web-nginx.conf.j2', dest: '/etc/nginx/conf.d/calibre-web-nginx.conf', mode: '0644' } - when: calibreweb_enabled | bool and nginx_enabled | bool - -- name: Restart nginx systemd service - systemd: - name: nginx - state: restarted - when: calibreweb_enabled | bool and nginx_enabled | bool + when: apache_install and not calibreweb_enabled - name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" # httpd or apache2 + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted - when: not nginx_enabled | bool + when: apache_enabled | bool + +# NGINX + +# TO DO: restore http://box/libros & http://box/livres, along English (http://box/books) + +- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_config_dir }}/calibre-web-nginx.conf from template + template: + src: calibre-web-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/calibre-web-nginx.conf" + when: nginx_install and calibreweb_enabled + +- name: Disable http://box{{ calibreweb_url1 }} via NGINX, by removing {{ nginx_config_dir }}/calibre-web-nginx.conf + file: + path: "{{ nginx_config_dir }}/calibre-web-nginx.conf" + state: absent + when: nginx_install and not calibreweb_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted + when: nginx_enabled | bool + - name: Add 'calibre-web' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: calibre-web option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: calibre-web @@ -82,5 +83,3 @@ value: "{{ calibreweb_database }}" - option: calibreweb_enabled value: "{{ calibreweb_enabled }}" -# - option: calibreweb_provision -# value: "{{ calibreweb_provision }}" diff --git a/roles/calibre-web/templates/calibre-web-nginx.conf.j2 b/roles/calibre-web/templates/calibre-web-nginx.conf.j2 index 55839acac..8a9e435c0 100644 --- a/roles/calibre-web/templates/calibre-web-nginx.conf.j2 +++ b/roles/calibre-web/templates/calibre-web-nginx.conf.j2 @@ -1,7 +1,7 @@ -location /books/ { +location {{ calibreweb_url1 }}/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; - proxy_set_header X-Script-Name /books; + proxy_set_header X-Script-Name {{ calibreweb_url1 }}; proxy_pass http://127.0.0.1:8083; } diff --git a/roles/calibre/tasks/enable.yml b/roles/calibre/tasks/enable.yml index 64e0215de..9bdf7e692 100644 --- a/roles/calibre/tasks/enable.yml +++ b/roles/calibre/tasks/enable.yml @@ -38,7 +38,7 @@ path: "{{ iiab_ini_file }}" section: calibre option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Calibre diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index ef0dfc85d..0bd48e6c1 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -74,7 +74,7 @@ path: "{{ iiab_ini_file }}" section: cups option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: CUPS diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 128f87b21..d5dcb409b 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -45,7 +45,7 @@ path: "{{ iiab_ini_file }}" section: docker option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Docker Container diff --git a/roles/dokuwiki/tasks/enable.yml b/roles/dokuwiki/tasks/enable.yml index 379649617..9e035e214 100644 --- a/roles/dokuwiki/tasks/enable.yml +++ b/roles/dokuwiki/tasks/enable.yml @@ -22,7 +22,7 @@ path: "{{ iiab_ini_file }}" section: dokuwiki option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: DokuWiki diff --git a/roles/elgg/tasks/enable.yml b/roles/elgg/tasks/enable.yml index 19d029530..3fa10ed9f 100644 --- a/roles/elgg/tasks/enable.yml +++ b/roles/elgg/tasks/enable.yml @@ -27,7 +27,7 @@ path: "{{ iiab_ini_file }}" section: elgg option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Elgg diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index 5bfd1d729..6e1dd8993 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -1,67 +1,61 @@ -- name: Enable 'gitea' service +- name: Enable & Restart 'gitea' systemd service systemd: - daemon_reload: yes name: gitea + daemon_reload: yes enabled: yes state: restarted when: gitea_enabled | bool -- name: Disable 'gitea' service +- name: Disable & Restart 'gitea' systemd service systemd: - daemon_reload: yes name: gitea enabled: no state: stopped when: not gitea_enabled -# Configure HTTPD +# Apache -- name: Copy gitea httpd conf file - template: - src: gitea.conf.j2 - dest: "/etc/{{ apache_config_dir }}/gitea.conf" +- name: Enable http://box{{ gitea_url }} via Apache # i.e. http://box/gitea + command: a2ensite gitea.conf + when: apache_install and gitea_enabled -- name: Enable httpd conf file (apache) - file: - src: /etc/{{ apache_config_dir }}/gitea.conf - dest: /etc/apache2/sites-enabled/gitea.conf - state: link - when: gitea_enabled and is_debuntu +- name: Disable http://box{{ gitea_url }} via Apache + command: a2dissite gitea.conf + when: apache_install and not gitea_enabled -- name: Remove apache httpd conf file (OS's other than debuntu) - file: - path: /etc/apache2/sites-enabled/gitea.conf - state: absent - when: not gitea_enabled or nginx_enabled +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted + when: apache_enabled | bool -- name: Remove nginx httpd conf file - file: - path: /etc/nginx/conf.d/gitea-nginx.conf - state: absent - when: not gitea_enabled +# NGINX -- name: Enable nginx httpd conf file +- name: Enable http://box{{ gitea_url }} via NGINX, by installing {{ nginx_config_dir }}/gitea-nginx.conf from template template: src: gitea-nginx.conf.j2 - dest: /etc/nginx/conf.d/gitea-nginx.conf - when: gitea_enabled and nginx_enabled + dest: "{{ nginx_config_dir }}/gitea-nginx.conf" + when: nginx_install and gitea_enabled -- name: >- - Restart Apache ({{ apache_service }}) to {% if gitea_enabled %}enable{% - else %}disable{% endif %} http://box/gitea +- name: Disable http://box{{ gitea_url }} via NGINX, by removing {{ nginx_config_dir }}/gitea-nginx.conf + file: + path: "{{ nginx_config_dir }}/gitea-nginx.conf" + state: absent + when: nginx_install and not gitea_enabled + +- name: Restart 'nginx' systemd service systemd: - name: "{{ apache_service }}" - daemon_reload: yes + name: nginx state: restarted + when: nginx_enabled | bool -# Add Gitea to registry - name: Add 'gitea' to list of services at {{ iiab_ini_file }} ini_file: - dest: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" section: gitea option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: gitea diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 05c9b9436..19274accb 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -113,19 +113,18 @@ owner: root group: gitea mode: 0664 - tags: - - config -# Create systemd service +# Create systemd service & prepare Apache for http://box/gitea -- name: Create 'gitea' service +- name: "Install from templates: /etc/systemd/system/gitea.service, /etc/apache2/sites-available/gitea.conf" template: - src: gitea.service.j2 - dest: "/etc/systemd/system/gitea.service" - tags: - - systemd + src: "{{ item.src }}" + dest: "{{ item.dest }}" + with_items: + - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } + - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_config_dir }}/gitea.conf" } -- name: Add 'gitea_installed' variable values to {{ iiab_state_file }} +- name: "Add 'gitea_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^gitea_installed' diff --git a/roles/idmgr/tasks/main.yml b/roles/idmgr/tasks/main.yml index c8e05bee4..b3e5465f3 100644 --- a/roles/idmgr/tasks/main.yml +++ b/roles/idmgr/tasks/main.yml @@ -84,7 +84,7 @@ path: "{{ iiab_ini_file }}" section: idmgr option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: idmgr diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index d89f4e446..ad72350a2 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -12,7 +12,7 @@ dest: "{{ iiab_ini_file }}" section: iiab-admin option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: iiab-admin diff --git a/roles/internetarchive/tasks/enable.yml b/roles/internetarchive/tasks/enable.yml index 26788fdb6..995d328cb 100644 --- a/roles/internetarchive/tasks/enable.yml +++ b/roles/internetarchive/tasks/enable.yml @@ -37,7 +37,7 @@ path: "{{ iiab_ini_file }}" section: internetarchive option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Internet Archive Offline diff --git a/roles/kalite/tasks/enable.yml b/roles/kalite/tasks/enable.yml index b179bd601..529cf86e8 100644 --- a/roles/kalite/tasks/enable.yml +++ b/roles/kalite/tasks/enable.yml @@ -43,7 +43,7 @@ path: "{{ iiab_ini_file }}" section: kalite option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: "KA Lite" diff --git a/roles/kiwix/defaults/main.yml b/roles/kiwix/defaults/main.yml index 0bd23c25a..992d94c5a 100644 --- a/roles/kiwix/defaults/main.yml +++ b/roles/kiwix/defaults/main.yml @@ -30,9 +30,11 @@ kiwix_path: "{{ iiab_base }}/kiwix" # /opt/iiab/kiwix # /library/zims contains 3 important things: # - library.xml -# - content directory for all *.zim's -# - index directory for legacy *.zim.idx's +# - content = directory for all *.zim's +# - index = directory for legacy *.zim.idx's kiwix_library_xml: "{{ iiab_zim_path }}/library.xml" -# MOVE FILE /opt/iiab/kiwix/bin/kiwix-serve TO FORCE A REINSTALL OF kiwix-tools +# INSTRUCTIONS TO REINSTALL kiwix (1) VERIFY ITS VARS IN /etc/iiab/local_vars.yml (2) THEN RUN EITHER BELOW... +# - NEW WAY: cd /opt/iiab/iiab; ./runrole --reinstall kiwix +# - OLD WAY: rm /opt/iiab/kiwix/bin/kiwix-serve; cd /opt/iiab/iiab; ./runrole kiwix kiwix_force_install: False diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/install.yml similarity index 75% rename from roles/kiwix/tasks/kiwix_install.yml rename to roles/kiwix/tasks/install.yml index 1d9ae4c8b..e7b08df3b 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/install.yml @@ -1,4 +1,5 @@ # 1. CREATE/VERIFY CRITICAL DIRECTORIES & FILES ARE IN PLACE + - name: Download Kiwix software to /opt/iiab/downloads get_url: url: "{{ iiab_download_url }}/{{ kiwix_src_file }}" @@ -14,9 +15,6 @@ - name: Create directory {{ iiab_zim_path }} and subdirs {content, index} for Kiwix ZIM files file: path: "{{ item }}" - owner: root - group: root - mode: 0755 state: directory with_items: - "{{ iiab_zim_path }}" @@ -28,47 +26,33 @@ path: "{{ kiwix_library_xml }}" register: kiwix_xml -- name: Install a stub /library/zims/library.xml if one doesn't exist +- name: Install stub /library/zims/library.xml from template, if one doesn't exist template: src: library.xml dest: "{{ kiwix_library_xml }}" - mode: 0644 - owner: root - group: root force: no when: not kiwix_xml.stat.exists -- name: Install {{ iiab_zim_path }}/content/test.zim if kiwix_force_install +- name: Install {{ iiab_zim_path }}/content/test.zim copy: src: test.zim dest: "{{ iiab_zim_path }}/content/test.zim" - mode: 0644 - owner: root - group: root force: no - when: kiwix_force_install | bool - name: Create {{ kiwix_path }}/bin directory # /opt/iiab/kiwix/bin file: path: "{{ kiwix_path }}/bin" - owner: root - group: root - mode: 0755 state: directory -# 2. INSTALL KIWIX-TOOLS EXECUTABLES IF kiwix_force_install +# 2. INSTALL KIWIX-TOOLS EXECUTABLES - name: Unarchive {{ kiwix_src_file }} to /tmp # e.g. kiwix-tools_linux-armhf-0.6.1-1.tar.gz unarchive: src: "{{ downloads_dir }}/{{ kiwix_src_file }}" dest: /tmp - owner: root - group: root - when: kiwix_force_install | bool - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" - when: kiwix_force_install | bool # 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU @@ -84,23 +68,22 @@ # - rewrite # when: is_debuntu | bool -# 4. CREATE/ENABLE/RESTART (OR DISABLE) KIWIX SERVICE & ITS CRON JOB +# 4. INSTALL iiab-make-kiwix-lib*, kiwix-serve.service, kiwix.conf for Apache - name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf' template: - backup: no src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root mode: "{{ item.mode }}" with_items: - - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644'} - - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755'} - - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755'} - - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644'} + - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644' } + - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755' } + - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755' } + - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644' } -- name: Add 'kiwix_installed' variable values to {{ iiab_state_file }} +# 5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml + +- name: "Add 'kiwix_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^kiwix_installed' diff --git a/roles/kiwix/tasks/kiwix_enable.yml b/roles/kiwix/tasks/kiwix_enable.yml index 9e0f63f32..0fa9519e4 100644 --- a/roles/kiwix/tasks/kiwix_enable.yml +++ b/roles/kiwix/tasks/kiwix_enable.yml @@ -1,43 +1,19 @@ -- name: Create softlink kiwix.conf from sites-enabled to sites-available - for Kiwix Proxy in Apache - is disabled by turning off service kiwix-serve (debuntu) - file: - src: /etc/apache2/sites-available/kiwix.conf - path: /etc/apache2/sites-enabled/kiwix.conf - state: link - when: kiwix_enabled | bool and not nginx_enabled | bool - -- name: Install nginx support - template: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'kiwix-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf', mode: '0644' } - when: kiwix_enabled | bool and nginx_enabled | bool - -- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf - file: - path: /etc/apache2/sites-enabled/kiwix.conf - state: absent - when: not kiwix_enabled | bool or nginx_enabled | bool - -- name: Enable & Restart 'kiwix-serve' service +- name: Enable & Restart 'kiwix-serve' systemd service systemd: - daemon_reload: yes name: kiwix-serve + daemon_reload: yes enabled: yes state: restarted when: kiwix_enabled | bool -- name: Disable 'kiwix-serve' service +- name: Disable & Stop 'kiwix-serve' systemd service systemd: name: kiwix-serve enabled: no state: stopped when: not kiwix_enabled -# IN THEORY: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" + +# TO DO: BOTH CRON ENTRIES BELOW *SHOULD* BE DELETED "when: not kiwix_enabled" # In the past kiwix-serve did not stay running, so we'd been doing this hourly. # @mgautierfr & others suggest kiwix-serve might be auto-restarted w/o cron in @@ -58,19 +34,50 @@ dest: /etc/crontab when: kiwix_enabled and is_redhat -- name: Restart Apache, so it picks up kiwix.conf - service: - name: "{{ apache_service }}" - state: restarted +# Apache + +- name: Enable http://box{{ kiwix_url_without_slash }} via Apache + command: a2ensite kiwix.conf + when: apache_install and kiwix_enabled + +- name: Disable http://box{{ kiwix_url_without_slash }} via Apache + command: a2dissite kiwix.conf + when: apache_install and not kiwix_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) + systemd: + name: "{{ apache_service }}" + daemon-reload: yes + state: restarted + when: apache_enabled | bool + +# NGINX + +- name: Enable http://box{{ kiwix_url_without_slash }} via NGINX, by installing {{ nginx_config_dir }}/kiwix-nginx.conf from template + template: + src: kiwix-nginx.conf + dest: "{{ nginx_config_dir }}/kiwix-nginx.conf" + when: nginx_install and kiwix_enabled + +- name: Disable http://box{{ kiwix_url_without_slash }} via NGINX, by removing {{ nginx_config_dir }}/kiwix-nginx.conf + file: + path: "{{ nginx_config_dir }}/kiwix-nginx.conf" + state: absent + when: nginx_install and not kiwix_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted + when: nginx_enabled | bool -# 5. FINALIZE - name: Add 'kiwix' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: kiwix option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Kiwix diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index a1ac24b37..8d65b3f04 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -33,12 +33,8 @@ kiwix_force_install: True when: not kiwix_bin.stat.exists or reinstall is defined -- include_tasks: kiwix_install.yml - when: (kiwix_install | bool and not kiwix_installed is defined) or kiwix_force_install | bool - tags: - - kiwix +- include_tasks: install.yml + when: (kiwix_install and not kiwix_installed is defined) or kiwix_force_install -- include_tasks: kiwix_enable.yml - when: kiwix_install | bool or kiwix_installed is defined - tags: - - kiwix +- include_tasks: enable.yml + when: kiwix_enabled # or kiwix_installed is defined diff --git a/roles/kolibri/tasks/enable.yml b/roles/kolibri/tasks/enable.yml index b2dca9682..0bbd088b0 100644 --- a/roles/kolibri/tasks/enable.yml +++ b/roles/kolibri/tasks/enable.yml @@ -1,58 +1,61 @@ -- name: Start 'kolibri' systemd service, if kolibri_enabled +- name: Enable & Start 'kolibri' systemd service systemd: name: kolibri - state: started + daemon_reload: yes enabled: yes + state: started when: kolibri_enabled | bool -- name: Enable http://box{{ kolibri_url }} with Apache (a2ensite) if kolibri_enabled # i.e. http://box/kolibri - command: a2ensite kolibri.conf - when: kolibri_enabled | bool and not nginx_enabled | bool - -- name: Disable & Stop 'kolibri' systemd service if not kolibri_enabled +- name: Disable & Stop 'kolibri' systemd service systemd: name: kolibri enabled: no state: stopped when: not kolibri_enabled -- name: Disable http://box{{ kolibri_url }} with Apache (a2dissite) if not kolibri_enabled + # Apache + +- name: Enable http://box{{ kolibri_url }} via Apache # i.e. http://box/kolibri + command: a2ensite kolibri.conf + when: apache_install and kolibri_enabled + +- name: Disable http://box{{ kolibri_url }} via Apache command: a2dissite kolibri.conf - when: not kolibri_enabled or nginx_enabled | bool + when: apache_install and not kolibri_enabled -- name: Supply /etc/nginx/conf.d/kolibri-nginx.conf when nginx_enabled - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'kolibri-nginx.conf.j2', dest: '/etc/nginx/conf.d/kolibri-nginx.conf', mode: '0644' } - when: kolibri_enabled | bool and nginx_enabled | bool - -- name: Disable http://box{{ kolibri_url }} with Apache (a2dissite) if not kolibri_enabled - command: a2dissite kolibri.conf - when: not kolibri_enabled or nginx_enabled | bool - -- name: Restart Apache service ({{ apache_service }}) # e.g. apache2 +- name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted - when: not nginx_enabled | bool + when: apache_enabled | bool -- name: Restart nginx service +# NGINX + +- name: Enable http://box{{ kolibri_url }} via NGINX, by installing {{ nginx_config_dir }}/kolibri-nginx.conf from template + template: + src: kolibri-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/kolibri-nginx.conf" + when: nginx_install and kolibri_enabled + +- name: Disable http://box{{ kolibri_url }} via NGINX, by removing {{ nginx_config_dir }}/kolibri-nginx.conf + file: + path: "{{ nginx_config_dir }}/kolibri-nginx.conf" + state: absent + when: nginx_install and not kolibri_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted when: nginx_enabled | bool + - name: Add 'kolibri' variable values to {{ iiab_ini_file }} # /etc/iiab/iiab.ini ini_file: path: "{{ iiab_ini_file }}" section: kolibri option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: kolibri diff --git a/roles/lokole/tasks/enable.yml b/roles/lokole/tasks/enable.yml index fe60530a4..5d6803bf5 100644 --- a/roles/lokole/tasks/enable.yml +++ b/roles/lokole/tasks/enable.yml @@ -49,7 +49,7 @@ path: "{{ iiab_ini_file }}" section: lokole option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: lokole diff --git a/roles/mediawiki/tasks/enable.yml b/roles/mediawiki/tasks/enable.yml index 3b780c43d..4d20df853 100644 --- a/roles/mediawiki/tasks/enable.yml +++ b/roles/mediawiki/tasks/enable.yml @@ -1,46 +1,47 @@ -- name: Create softlink mediawiki.conf from sites-enabled to sites-available, if mediawiki_enabled (debuntu) - file: - src: /etc/apache2/sites-available/mediawiki.conf - dest: /etc/apache2/sites-enabled/mediawiki.conf - state: link - when: mediawiki_enabled and is_debuntu +# Apache -- name: Remove mediawiki.conf if not mediawiki_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/mediawiki.conf - state: absent - when: not mediawiki_enabled and is_debuntu +- name: Enable http://box{{ mediawiki_url }} via Apache # i.e. http://box/mediawiki + command: a2ensite mediawiki.conf + when: apache_install and mediawiki_enabled -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ mediawiki_url }} +- name: Disable http://box{{ mediawiki_url }} via Apache + command: a2dissite mediawiki.conf + when: apache_install and not mediawiki_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" - daemon_reload: yes + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted + when: apache_enabled | bool -- name: Install {{ nginx_config_dir }}/mediawiki-nginx.conf from template, for http://box{{ mediawiki_url }} + +# NGINX + +- name: Enable http://box{{ mediawiki_url }} via NGINX, by installing {{ nginx_config_dir }}/mediawiki-nginx.conf from template template: src: mediawiki-nginx.conf.j2 dest: "{{ nginx_config_dir }}/mediawiki-nginx.conf" - when: mediawiki_enabled + when: nginx_install and mediawiki_enabled -- name: Remove mediawiki-nginx.conf if not mediawiki_enabled (debuntu) +- name: Disable http://box{{ mediawiki_url }} via NGINX, by removing {{ nginx_config_dir }}/mediawiki-nginx.conf file: path: "{{ nginx_config_dir }}/mediawiki-nginx.conf" state: absent - when: not mediawiki_enabled and is_debuntu + when: nginx_install and not mediawiki_enabled -- name: Restart nginx service to enable/disable http://box{{ mediawiki_url }} +- name: Restart 'nginx' systemd service systemd: name: nginx - daemon_reload: yes state: restarted + when: nginx_enabled | bool + - name: Add 'mediawiki' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: mediawiki option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: mediawiki diff --git a/roles/minetest/tasks/enable.yml b/roles/minetest/tasks/enable.yml index 170b51629..9dfd0693b 100644 --- a/roles/minetest/tasks/enable.yml +++ b/roles/minetest/tasks/enable.yml @@ -20,7 +20,7 @@ path: "{{ iiab_ini_file }}" section: minetest option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Minetest Server diff --git a/roles/mongodb/tasks/enable.yml b/roles/mongodb/tasks/enable.yml index f7bf994f0..b615034e1 100644 --- a/roles/mongodb/tasks/enable.yml +++ b/roles/mongodb/tasks/enable.yml @@ -27,7 +27,7 @@ path: "{{ iiab_ini_file }}" section: mongodb option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: MongoDB diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml index 1296619d9..c671161ae 100644 --- a/roles/monit/tasks/install.yml +++ b/roles/monit/tasks/install.yml @@ -49,7 +49,7 @@ path: "{{ iiab_ini_file }}" section: monit option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Monit diff --git a/roles/moodle-1.9/moodle/tasks/main.yml b/roles/moodle-1.9/moodle/tasks/main.yml index 21f93f909..f975c665f 100644 --- a/roles/moodle-1.9/moodle/tasks/main.yml +++ b/roles/moodle-1.9/moodle/tasks/main.yml @@ -80,7 +80,7 @@ path: "{{ iiab_ini_file }}" section: moodle option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Moodle diff --git a/roles/moodle/tasks/enable.yml b/roles/moodle/tasks/enable.yml index da499ed58..b625ecac6 100644 --- a/roles/moodle/tasks/enable.yml +++ b/roles/moodle/tasks/enable.yml @@ -22,7 +22,7 @@ path: "{{ iiab_ini_file }}" section: moodle option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Moodle diff --git a/roles/mosquitto/tasks/enable.yml b/roles/mosquitto/tasks/enable.yml index a7e1e0768..5fc96f38e 100644 --- a/roles/mosquitto/tasks/enable.yml +++ b/roles/mosquitto/tasks/enable.yml @@ -11,7 +11,7 @@ path: "{{ iiab_ini_file }}" section: mosquitto option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Mosquitto service diff --git a/roles/munin/tasks/enable.yml b/roles/munin/tasks/enable.yml index e47e59b1e..68293fa7c 100644 --- a/roles/munin/tasks/enable.yml +++ b/roles/munin/tasks/enable.yml @@ -55,7 +55,7 @@ path: "{{ iiab_ini_file }}" section: munin option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Munin diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 00925eda0..2d678dcfa 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -187,7 +187,7 @@ path: "{{ iiab_ini_file }}" section: mysql option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: MySQL diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index 9a3c40290..1277209e8 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -197,7 +197,7 @@ dest: "{{ iiab_ini_file }}" section: computed_network option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: iiab_wan_enabled value: "{{ iiab_wan_enabled }}" diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 257a1d469..72fdd951c 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -54,7 +54,7 @@ dest: "{{ iiab_ini_file }}" section: network option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: dansguardian_enabled value: "{{ dansguardian_enabled }}" diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a3198e818..6cd163c94 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -193,7 +193,7 @@ dest: "{{ iiab_ini_file }}" section: detected_network option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: has_ifcfg_gw value: "{{ has_ifcfg_gw }}" diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index 914b0b63e..28b399df0 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -206,7 +206,7 @@ path: "{{ iiab_ini_file }}" section: squid option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: enabled value: "{{ squid_enabled }}" @@ -216,7 +216,7 @@ path: "{{ iiab_ini_file }}" section: dansguardian option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: enabled value: "{{ dansguardian_enabled }}" @@ -226,7 +226,7 @@ path: "{{ iiab_ini_file }}" section: wondershaper option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: enabled value: "{{ wondershaper_enabled }}" diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 3378b1828..efef305af 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -95,7 +95,7 @@ dest: "{{ iiab_ini_file }}" section: "{{ proxy }}" option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Squid @@ -109,7 +109,7 @@ dest: "{{ iiab_ini_file }}" section: dansguardian option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: DansGuardian diff --git a/roles/network/tasks/wondershaper.yml b/roles/network/tasks/wondershaper.yml index 60bcc4197..4b84b0cf0 100644 --- a/roles/network/tasks/wondershaper.yml +++ b/roles/network/tasks/wondershaper.yml @@ -50,7 +50,7 @@ dest: "{{ iiab_ini_file }}" section: wondershaper option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: wondershaper diff --git a/roles/nextcloud/tasks/enable_or_disable.yml b/roles/nextcloud/tasks/enable.yml similarity index 97% rename from roles/nextcloud/tasks/enable_or_disable.yml rename to roles/nextcloud/tasks/enable.yml index a16f7ad49..0c49b4822 100644 --- a/roles/nextcloud/tasks/enable_or_disable.yml +++ b/roles/nextcloud/tasks/enable.yml @@ -34,7 +34,7 @@ path: "{{ iiab_ini_file }}" section: Nextcloud option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Nextcloud diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 0b7d6b595..b89120da4 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -14,5 +14,5 @@ when: nextcloud_install and not installing - name: Enable or disable Nextcloud - include_tasks: enable_or_disable.yml + include_tasks: enable.yml when: nextcloud_install or nextcloud_installed is defined diff --git a/roles/nginx/README.md b/roles/nginx/README.md index 278b4f14c..08bbd8878 100644 --- a/roles/nginx/README.md +++ b/roles/nginx/README.md @@ -1,24 +1,28 @@ ### Transition to NGINX -1. Initial testing strategy is to move nginx to port 80, and proxy everything to apache on port 8090-- creating a shim. -2. Without php available via fastcgi, any function at all for php based applications validates nginx. -3. Current state (10/16/19) - 1. Principal functions migrated to nginx. - * Admin Console - * Awstats - * kalite -- goes directly to port 8009 - * usb-lib - * maps - 2. Dual support - * kiwix -- goes directly to port 3000 - * calibre-web - * kolibri - * sugarizer - 3. Still proxied to Apache - * mediawiki - * elgg - * nodered - * nextcloud - * wordpress - * moodle - 4. Not dealt with yet - * archive.org + +1. Initial testing strategy is to move nginx to port 80, and proxy everything to Apache on port 8090 -- creating a shim. +2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX. +3. Current state (2020-01-11) + 1. Principal functions migrated to NGINX + * Admin Console + * kalite -- goes directly to port 8009 + * mediawiki + * osm-vector-maps + * usb-lib + * wordpress + 2. Dual support, see: https://github.com/iiab/iiab/blob/master/roles/nginx/tasks/only_nginx.yml + * awstats ([#2124](https://github.com/iiab/iiab/issues/2124)) + * calibre-web + * gitea + * kiwix -- goes directly to port 3000 + * kolibri + * sugarizer + 3. Still proxied to Apache, see: https://github.com/iiab/iiab/blob/master/roles/nginx/tasks/uses_apache.yml + * dokuwiki ([#2056](https://github.com/iiab/iiab/issues/2056)) + * elgg + * lokole + * moodle + * nodered + * nextcloud ([PR #2119](https://github.com/iiab/iiab/pull/2119)) + 4. Not yet dealt with + * internetarchive ([#2120](https://github.com/iiab/iiab/pull/2120)) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 7271ed86e..e3198509f 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -1,5 +1,7 @@ -- name: Install nginx required and helper packages - package: name={{ item }} state=present +- name: Install NGINX required and helper packages + package: + name: "{{ item }}" + state: present with_items: - nginx-extras - uwsgi @@ -12,24 +14,23 @@ name: "{{ apache_user }}" groups: shadow -- name: Remove the nginx default config +- name: Remove NGINX default config /etc/nginx/sites-enabled/default file: path: /etc/nginx/sites-enabled/default state: absent -- name: Put config files in place (2 into /etc/nginx, 1 into /etc/{{ apache_service }}) +- name: 'Install 4 files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, /etc/systemd/system/uwsgi.service' template: - src: '{{ item.src}}' - dest: '{{ item.dest }}' + src: "{{ item.src }}" + dest: "{{ item.dest }}" with_items: - - { src: "roles/nginx/templates/server.conf", dest: "/etc/nginx/" } - - { src: "roles/nginx/templates/nginx.conf", dest: "/etc/nginx/" } - - { src: 'roles/nginx/templates/ports.conf', dest: '/etc/{{ apache_service }}/' , mode: '0644' } - - { src: 'roles/nginx/templates/uwsgi.service', dest: '/etc/systemd/system/' , mode: '0644' } + - { src: 'roles/nginx/templates/server.conf', dest: '/etc/nginx/' } + - { src: 'roles/nginx/templates/nginx.conf', dest: '/etc/nginx/' } + - { src: 'roles/nginx/templates/ports.conf', dest: '/etc/{{ apache_service }}/' } + - { src: 'roles/nginx/templates/uwsgi.service', dest: '/etc/systemd/system/' } -- name: Let uwsgi running as {{ apache_user }} write log files +- name: Let uwsgi (running as {{ apache_user }}) write log files file: - path: /var/log/uwsgi/app - state: directory - owner: "{{ apache_user }}" - + path: /var/log/uwsgi/app + state: directory + owner: "{{ apache_user }}" diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 5c2dee6ed..a85c08855 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,32 +1,32 @@ -- name: Put the config file in place +- name: "Install from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/{{ apache_service }}/ports.conf, {{ nginx_config_dir }}/iiab.conf" template: - src: '{{ item.src}}' - dest: '{{ item.dest }}' + src: "{{ item.src}}" + dest: "{{ item.dest }}" with_items: - - { src: "server.conf",dest: "/etc/nginx/" } - - { src: "nginx.conf",dest: "/etc/nginx/" } - - { src: "ports.conf" , dest: "/etc/{{ apache_service }}/" } - - { src: "iiab.conf.j2",dest: "/etc/nginx/conf.d/iiab.conf" } - when: nginx_enabled + - { src: "server.conf", dest: "/etc/nginx/" } + - { src: "nginx.conf", dest: "/etc/nginx/" } + - { src: "ports.conf", dest: "/etc/{{ apache_service }}/" } + - { src: "iiab.conf.j2", dest: "{{ nginx_config_dir }}/iiab.conf" } + when: nginx_enabled | bool -- name: Clean stale config files +- name: Remove stale files (usb-lib.conf, modules.conf) from {{ nginx_config_dir }} file: state: absent - path: '{{ item.path }}' + path: "{{ item.path }}" with_items: - - { path: "/etc/nginx/conf.d/usb-lib.conf" } - - { path: "/etc/nginx/conf.d/modules.conf" } + - { path: "{{ nginx_config_dir }}/usb-lib.conf" } + - { path: "{{ nginx_config_dir }}/modules.conf" } -- name: Insure that apache2 is not running -- we may need port swap +- name: Ensure that Apache (({{ apache_service }})) is not running -- we may need port swap systemd: - name: apache2 + name: "{{ apache_service }}" state: stopped # the below slides in nginx's proxypass config files for apache on localhost # via the ports.conf file installed above -- name: Install proxpass to apache running on localhost port {{ apache_port }} +- name: Install proxpass to Apache running on localhost port {{ apache_port }} include_tasks: uses_apache.yml - when: nginx_enabled + when: nginx_enabled | bool # the below task contains the same logic contained in the playbooks to enable # 'runrole nginx' to do the right thing but with the 'src' path set to role's @@ -34,9 +34,9 @@ - name: Install proxpass to other services 'dual mode' roles include_tasks: only_nginx.yml - when: nginx_enabled + when: nginx_enabled | bool -- name: Stop and disable nginx when not nginx_enabled +- name: Stop and disable NGINX when not nginx_enabled systemd: name: nginx state: stopped @@ -50,21 +50,21 @@ when: not nginx_enabled # should have the logic to handle both modes in the playbook -- name: Enable Apache (a2ensite) for 'dual mode' for the role when NGINX is diabled +- name: Enable Apache (a2ensite) for 'dual mode' for the role when NGINX is disabled include_tasks: disable.yml when: not nginx_enabled -- name: Since we stopped apache2, start it again +- name: Enable & Restart Apache, since we stopped it ({{ apache_service }}) systemd: - name: apache2 + name: "{{ apache_service }}" + daemon_reload: yes state: restarted enabled: true - daemon_reload: yes - when: apache_enabled + when: apache_enabled | bool -- name: Restart nginx to pick up the config files installed +- name: Enable & Restart NGINX, to pick up the config files installed systemd: name: nginx state: restarted enabled: true - when: nginx_enabled + when: nginx_enabled | bool diff --git a/roles/nginx/tasks/only_nginx.yml b/roles/nginx/tasks/only_nginx.yml index 127c357b8..f3c26719f 100644 --- a/roles/nginx/tasks/only_nginx.yml +++ b/roles/nginx/tasks/only_nginx.yml @@ -3,131 +3,122 @@ path: /etc/apache2/sites-enabled/awstats.conf state: absent -- name: Install nginx support for awstats if awstats_enabled - copy: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/awstats/templates/awstats-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf' , mode: '0644' } - when: awstats_enabled +- name: Install /etc/nginx/conf.d/awstats-nginx.conf from template, if awstats_enabled + template: + src: roles/awstats/templates/awstats-nginx.conf + dest: /etc/nginx/conf.d/awstats-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: awstats_enabled | bool -- name: Remove nginx support for AWStats +- name: Remove NGINX support for AWStats, if not awstats_enabled file: path: /etc/nginx/conf.d/awstats-nginx.conf state: absent when: not awstats_enabled -- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf - file: - path: /etc/apache2/sites-enabled/kiwix.conf - state: absent - -- name: Install nginx support for kiwix if kiwix_enabled - copy: - backup: no - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/kiwix/templates/kiwix-nginx.conf', dest: '/etc/nginx/conf.d/kiwix-nginx.conf' , mode: '0644' } - when: kiwix_enabled | bool - -- name: Remove nginx support for kiwix - file: - path: /etc/nginx/conf.d/kiwix-nginx.conf - state: absent - when: not kiwix_enabled | bool - -- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf - file: - path: /etc/apache2/sites-enabled/sugarizer.conf - state: absent - -- name: "Install sugarizer-nginx.conf (nginx) if sugarizer_enabled" - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/sugarizer/templates/sugarizer-nginx.conf', dest: '/etc/nginx/conf.d/sugarizer-nginx.conf', mode: '0644' } - when: sugarizer_enabled | bool - -- name: Remove nginx support for sugarizer - file: - path: /etc/nginx/conf.d/sugarizer-nginx.conf - state: absent - when: not sugarizer_enabled | bool - -- name: Remove /etc/apache2/sites-enabled/kolibri.conf - file: - path: /etc/apache2/sites-enabled/kolibri.conf - state: absent - -- name: Supply /etc/nginx/conf.d/kolibri-nginx.conf when kolibri_enabled - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'roles/kolibri/templates/kolibri-nginx.conf.j2', dest: '/etc/nginx/conf.d/kolibri-nginx.conf', mode: '0644' } - when: kolibri_enabled | bool - -- name: Remove nginx support for kolibri when not kolibri_enabled - file: - path: /etc/nginx/conf.d/kolibri-nginx.conf - state: absent - when: not kolibri_enabled | bool - name: Remove symlink /etc/apache2/sites-enabled/calibre-web.conf file: path: /etc/apache2/sites-enabled/calibre-web.conf state: absent -- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf +- name: Install /etc/nginx/conf.d/calibre-web-nginx.conf from template, if calibreweb_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'roles/calibre-web/templates/calibre-web-nginx.conf.j2', dest: '/etc/nginx/conf.d/calibre-web-nginx.conf', mode: '0644' } - when: calibreweb_enabled + src: roles/calibre-web/templates/calibre-web-nginx.conf.j2 + dest: /etc/nginx/conf.d/calibre-web-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: calibreweb_enabled | bool -- name: Remove nginx support for Calibre-Web +- name: Remove NGINX support for Calibre-Web, if not calibreweb_enabled file: path: /etc/nginx/conf.d/calibre-web-nginx.conf state: absent when: not calibreweb_enabled + - name: Remove symlink /etc/apache2/sites-enabled/gitea.conf file: path: /etc/apache2/sites-enabled/gitea.conf state: absent -- name: Install /etc/nginx/conf.d/gitea-nginx.conf +- name: Install /etc/nginx/conf.d/gitea-nginx.conf from template, if gitea_enabled template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: root - group: root - mode: "{{ item.mode }}" - with_items: - - { src: 'roles/gitea/templates/gitea-nginx.conf.j2', dest: '/etc/nginx/conf.d/gitea-nginx.conf', mode: '0644' } - when: gitea_enabled + src: roles/gitea/templates/gitea-nginx.conf.j2 + dest: /etc/nginx/conf.d/gitea-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: gitea_enabled | bool -- name: Remove nginx support for Gitea +- name: Remove NGINX support for Gitea, if not gitea_enabled file: path: /etc/nginx/conf.d/gitea-nginx.conf state: absent when: not gitea_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/kiwix.conf + file: + path: /etc/apache2/sites-enabled/kiwix.conf + state: absent + +- name: Install /etc/nginx/conf.d/kiwix-nginx.conf from template, if kiwix_enabled + template: + src: roles/kiwix/templates/kiwix-nginx.conf + dest: /etc/nginx/conf.d/kiwix-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: kiwix_enabled | bool + +- name: Remove NGINX support for Kiwix, if not kiwix_enabled + file: + path: /etc/nginx/conf.d/kiwix-nginx.conf + state: absent + when: not kiwix_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/kolibri.conf + file: + path: /etc/apache2/sites-enabled/kolibri.conf + state: absent + +- name: Install /etc/nginx/conf.d/kolibri-nginx.conf from template, if kolibri_enabled + template: + src: roles/kolibri/templates/kolibri-nginx.conf.j2 + dest: /etc/nginx/conf.d/kolibri-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: kolibri_enabled | bool + +- name: Remove NGINX support for Kolibri, if not kolibri_enabled + file: + path: /etc/nginx/conf.d/kolibri-nginx.conf + state: absent + when: not kolibri_enabled + + +- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf + file: + path: /etc/apache2/sites-enabled/sugarizer.conf + state: absent + +- name: Install /etc/nginx/conf.d/sugarizer-nginx.conf from template, if sugarizer_enabled + template: + src: roles/sugarizer/templates/sugarizer-nginx.conf + dest: /etc/nginx/conf.d/sugarizer-nginx.conf + # owner: root + # group: root + # mode: '0644' + when: sugarizer_enabled | bool + +- name: Remove NGINX support for Sugarizer, if not sugarizer_enabled + file: + path: /etc/nginx/conf.d/sugarizer-nginx.conf + state: absent + when: not sugarizer_enabled diff --git a/roles/nginx/tasks/uses_apache.yml b/roles/nginx/tasks/uses_apache.yml index 91bf27e4a..41725fc90 100644 --- a/roles/nginx/tasks/uses_apache.yml +++ b/roles/nginx/tasks/uses_apache.yml @@ -1,29 +1,39 @@ -- name: Install nginx's config file from template, if moodle_enabled - template: - src: moodle-nginx.conf.j2 - dest: "/etc/nginx/conf.d/moodle-nginx.conf" - owner: root - group: root - mode: 0644 - when: moodle_enabled - -- name: Install /etc/nginx/conf.d/dokuwiki-nginx.conf from template +- name: Install /etc/nginx/conf.d/dokuwiki-nginx.conf from template, if dokuwiki_enabled template: src: dokuwiki-nginx.conf dest: /etc/nginx/conf.d/dokuwiki-nginx.conf - when: dokuwiki_enabled + when: dokuwiki_enabled | bool -- name: Install /etc/nginx/conf.d/elgg-nginx.conf from template +- name: Install /etc/nginx/conf.d/elgg-nginx.conf from template, if elgg_enabled template: src: elgg-nginx.conf - dest: "/etc/nginx/conf.d/elgg-nginx.conf" - when: elgg_enabled + dest: /etc/nginx/conf.d/elgg-nginx.conf + when: elgg_enabled | bool -- name: Install /etc/nginx/lokole-nginx.conf from template +- name: Install /etc/nginx/conf.d/lokole-nginx.conf from template, if lokole_enabled template: src: lokole-nginx.conf.j2 - dest: "/etc/nginx/conf.d/lokole-nginx.conf" - when: lokole_enabled + dest: /etc/nginx/conf.d/lokole-nginx.conf + when: lokole_enabled | bool + +- name: Install /etc/nginx/conf.d/moodle-nginx.conf from template, if moodle_enabled + template: + src: moodle-nginx.conf.j2 + dest: /etc/nginx/conf.d/moodle-nginx.conf + when: moodle_enabled | bool + +- name: Install /etc/nginx/conf.d/nextcloud-nginx.conf from template, if nextcloud_enabled + template: + src: nextcloud-nginx.conf + dest: /etc/nginx/conf.d/nextcloud-nginx.conf + when: nextcloud_enabled | bool + +- name: Install /etc/nginx/conf.d/nodered-nginx.conf from template, if nodered_enabled + template: + src: nodered-nginx.conf.j2 + dest: /etc/nginx/conf.d/nodered-nginx.conf + # mode: '0666' + when: nodered_enabled | bool # mediawiki and wordpress are no longer proxied @@ -39,20 +49,4 @@ # dest: /etc/nginx/conf.d/ # when: wordpress_enabled -- name: Install Nextcloud's nginx conf.d file from template - template: - src: nextcloud-nginx.conf - dest: /etc/nginx/conf.d/nextcloud-nginx.conf - when: nextcloud_enabled - -- name: Install NodeRed's nginx conf.d file from template - template: - src: nodered-nginx.conf.j2 - dest: /etc/nginx/conf.d/nodered-nginx.conf - owner: root - group: root - mode: 0666 - when: nodered_enabled - #- name: Install proxpass to apache running on localhost - diff --git a/roles/nginx/templates/dokuwiki-nginx.conf b/roles/nginx/templates/dokuwiki-nginx.conf index eb05289e5..9bbfe2cf7 100644 --- a/roles/nginx/templates/dokuwiki-nginx.conf +++ b/roles/nginx/templates/dokuwiki-nginx.conf @@ -1,3 +1,3 @@ location {{ dokuwiki_url }} { - proxy_pass http://127.0.0.1:{{ apache_port }}/{{ dokuwiki_url }}; + proxy_pass http://127.0.0.1:{{ apache_port }}{{ dokuwiki_url }}; } diff --git a/roles/nginx/templates/server.conf b/roles/nginx/templates/server.conf index e734bde1f..47467aad8 100644 --- a/roles/nginx/templates/server.conf +++ b/roles/nginx/templates/server.conf @@ -10,7 +10,7 @@ server { index index.php index.html index.htm; # let individual services drop location blocks in conf.d - include /etc/nginx/conf.d/*; + include {{ nginx_config_dir }}/*; location ~ .*\.php$ { proxy_set_header X-Real-IP $remote_addr; diff --git a/roles/nodered/tasks/enable.yml b/roles/nodered/tasks/enable.yml index d3f9783c4..1e4ade2f1 100644 --- a/roles/nodered/tasks/enable.yml +++ b/roles/nodered/tasks/enable.yml @@ -40,7 +40,7 @@ path: "{{ iiab_ini_file }}" section: nodered option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Node-RED diff --git a/roles/nodogsplash/tasks/rpi.yml b/roles/nodogsplash/tasks/rpi.yml index 617208d46..dd5c3785f 100644 --- a/roles/nodogsplash/tasks/rpi.yml +++ b/roles/nodogsplash/tasks/rpi.yml @@ -57,7 +57,7 @@ path: "{{ iiab_ini_file }}" section: nodogsplash option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: nodogsplash diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 507209d6a..7a6a48c0a 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -204,7 +204,7 @@ path: "{{ iiab_ini_file }}" section: openvpn option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: OpenVPN diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index c698e3644..1eb1299e0 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -1,15 +1,15 @@ - name: Ensure directory {{ vector_map_path }}/maplist/assets exists file: - path: '{{ vector_map_path }}/maplist/assets' + path: "{{ vector_map_path }}/maplist/assets" state: directory - owner: '{{ apache_user }}' - group: '{{ apache_user }}' + owner: "{{ apache_user }}" + group: "{{ apache_user }}" mode: '0755' - name: Download map catalog {{ iiab_map_url }}/assets/regions.json to {{ vector_map_path }}/maplist/assets/ get_url: url: "{{ iiab_map_url }}/assets/regions.json" - dest: '{{ vector_map_path }}/maplist/assets/' + dest: "{{ vector_map_path }}/maplist/assets/" - name: Symlink catalog {{ doc_root }}/common/assets/regions.json -> {{ vector_map_path }}/maplist/assets/regions.json file: @@ -20,19 +20,19 @@ - name: Download the JavaScript bundle with OpenLayers (main.js) for test page http://box/maps/maplist get_url: url: "{{ iiab_map_url }}/../main.js" - dest: '{{ vector_map_path }}/maplist/' + dest: "{{ vector_map_path }}/maplist/" - name: Install {{ vector_map_path }}/maplist/index.html from template, for test page http://box/maps/maplist template: - src: "index.html" - dest: '{{ vector_map_path }}/maplist/index.html' + src: index.html + dest: "{{ vector_map_path }}/maplist/index.html" # Bboxes (bounding boxes) are currently square. But geofabrik has non-rectangular bboxes. # So bring the bounding box definition from cloud (bboxes.geojson is big) - name: Download bounding box definitions (bboxes.geojson) to {{ vector_map_path }}/maplist/assets/ get_url: url: "{{ iiab_map_url }}/assets/bboxes.geojson" - dest: '{{ vector_map_path }}/maplist/assets/' + dest: "{{ vector_map_path }}/maplist/assets/" # REMOVE this stanza once the transition to Python 3 is confirmed #- name: Install python-geojson package (OS's prior to Ubuntu 19.10) @@ -48,11 +48,11 @@ # name: python3-geojson # 2019-10-19: available across most/all recent # state: present # OS's, but not yet used by osm-vector-maps code? -- name: Install /usr/bin/iiab-update-map for updating of Map Pack catalog & descriptions +- name: Install /usr/bin/iiab-update-map from template, for updating of Map Pack catalog & descriptions template: src: iiab-update-map dest: /usr/bin/iiab-update-map - mode: "0755" + mode: '0755' # This depends on iiab-admin-console which is not yet installed #- name: Run the script that does osm-vector-maps housekeeping @@ -61,25 +61,25 @@ - name: Copy countries.json (geojson) to {{ vector_map_path }}/maplist/assets copy: src: countries.json - dest: '{{ vector_map_path }}/maplist/assets' + dest: "{{ vector_map_path }}/maplist/assets" # It is too complicated to use a single file for both iiab and admin-console - name: Copy the duplicated JavaScript (map_functions.js) to {{ vector_map_path }}/maplist/assets copy: src: map_functions.js - dest: '{{ vector_map_path }}/maplist/assets' + dest: "{{ vector_map_path }}/maplist/assets" -- name: Install /etc/nginx/conf.d/osm-vector-maps.conf from template +- name: Install {{ nginx_config_dir }}/osm-vector-maps.conf from template template: src: osm-vector-maps-nginx.conf - dest: "/etc/nginx/conf.d/osm-vector-maps-nginx.conf" + dest: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" when: osm_vector_maps_enabled | bool -- name: Remove config /etc/nginx/conf,d/osm-vector-maps.conf (debuntu) +- name: Remove {{ nginx_config_dir }}/osm-vector-maps.conf file: - path: /etc/nginx/conf.d/osm-vector-maps-nginx.conf + path: "{{ nginx_config_dir }}/osm-vector-maps-nginx.conf" state: absent - when: not osm_vector_maps_enabled | bool + when: not osm_vector_maps_enabled #- name: Does the {{ vector_map_path }}/index.html redirect already exist? # stat: @@ -94,7 +94,7 @@ dest: "{{ vector_map_path }}/index.html" #when: not osm_redirect.stat.exists -- name: Reload Apache service ({{ apache_service }}) # e.g. apache2 +- name: Reload 'nginx' systemd service systemd: - name: "{{ apache_service }}" + name: nginx state: reloaded diff --git a/roles/osm/tasks/main.yml b/roles/osm/tasks/main.yml index 1c8112e69..389da679b 100644 --- a/roles/osm/tasks/main.yml +++ b/roles/osm/tasks/main.yml @@ -177,7 +177,7 @@ path: "{{ iiab_ini_file }}" section: osm option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: OpenStreetMap diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 27d5c64b5..8726df4ae 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -110,7 +110,7 @@ path: "{{ iiab_ini_file }}" section: owncloud option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: owncloud diff --git a/roles/pathagar/tasks/main.yml b/roles/pathagar/tasks/main.yml index 07420c4c0..968762383 100644 --- a/roles/pathagar/tasks/main.yml +++ b/roles/pathagar/tasks/main.yml @@ -198,7 +198,7 @@ path: "{{ iiab_ini_file }}" section: pathagar option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: pathagar diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 324ffb28b..795bed675 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -70,7 +70,7 @@ path: "{{ iiab_ini_file }}" section: phpmyadmin option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: phpMyAdmin diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index cea159fd0..ac388b863 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -105,7 +105,7 @@ path: "{{ iiab_ini_file }}" section: postgresql option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: PostgreSQL diff --git a/roles/rachel/tasks/main.yml b/roles/rachel/tasks/main.yml index 123fedc9a..93568383c 100644 --- a/roles/rachel/tasks/main.yml +++ b/roles/rachel/tasks/main.yml @@ -28,7 +28,7 @@ path: "{{ iiab_ini_file }}" section: rachel option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: rachel diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 6e3f1c72a..a8060d5ca 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -78,7 +78,7 @@ path: "{{ iiab_ini_file }}" section: samba option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Samba diff --git a/roles/schooltool/tasks/main.yml b/roles/schooltool/tasks/main.yml index f47d1f333..2f41eefda 100644 --- a/roles/schooltool/tasks/main.yml +++ b/roles/schooltool/tasks/main.yml @@ -60,7 +60,7 @@ path: "{{ iiab_ini_file }}" section: schooltool option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Schooltool diff --git a/roles/sugar-stats/tasks/main.yml b/roles/sugar-stats/tasks/main.yml index 04e40d97e..0a35fe760 100644 --- a/roles/sugar-stats/tasks/main.yml +++ b/roles/sugar-stats/tasks/main.yml @@ -45,7 +45,7 @@ path: "{{ iiab_ini_file }}" section: sugar_stats option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: sugar_stats diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index 95db3155f..d23fdff8a 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -1,82 +1,61 @@ -- name: Create symlink sugarizer.conf from sites-enabled to sites-available, for short URLs http://box/sugar & http://box/sugarizer (if sugarizer_enabled) - file: - src: /etc/apache2/sites-available/sugarizer.conf - path: /etc/apache2/sites-enabled/sugarizer.conf - state: link - when: sugarizer_enabled | bool and not nginx_enabled | bool - -- name: Remove symlink /etc/apache2/sites-enabled/sugarizer.conf (if not sugarizer_enabled) - file: - path: /etc/apache2/sites-enabled/sugarizer.conf - state: absent - when: not sugarizer_enabled | bool or nginx_enabled | bool - -- name: "Install sugarizer-nginx.conf (nginx)" - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - owner: root - group: root - with_items: - - { src: 'sugarizer-nginx.conf', dest: '/etc/nginx/conf.d/sugarizer-nginx.conf' , mode: '0644' } - when: sugarizer_enabled | bool and nginx_enabled | bool - -# 6. RESTART/STOP SYSTEMD SERVICE - -# with "systemctl daemon-reload" in case mongodb.service changed, etc -- name: Enable & Restart 'sugarizer' systemd service (if sugarizer_enabled) +- name: Enable & Restart 'sugarizer' systemd service systemd: name: sugarizer - daemon_reload: yes + daemon_reload: yes # in case mongodb.service changed, etc enabled: yes state: restarted when: sugarizer_enabled | bool -- name: Disable & Stop 'sugarizer' systemd service (if not sugarizer_enabled) +- name: Disable & Stop 'sugarizer' systemd service systemd: name: sugarizer - daemon_reload: yes enabled: no state: stopped when: not sugarizer_enabled -#- name: Enable services (all OS's) -# service: -# name: "{{ item.name }}" -# enabled: yes -# state: restarted -# with_items: -## - { name: mongodb } # 2018-07-14: NICE TRY, but still doesn't bring http://box:8089 to life reliably, as a reboot usually does! (Is a "systemctl daemon-reload" or some such nec?) -# - { name: sugarizer } -# when: sugarizer_enabled | bool +# Apache -#- name: Disable service (all OS's) -# service: -# name: sugarizer -# enabled: no -# state: stopped -# when: not sugarizer_enabled +- name: Enable http://box/sugarizer & http://box/sugar via Apache + command: a2ensite sugarizer.conf + when: apache_install and sugarizer_enabled -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box/sugarizer (not just http://box:{{ sugarizer_port }}) +- name: Disable http://box/sugarizer & http://box/sugar via Apache + command: a2dissite sugarizer.conf + when: apache_install and not sugarizer_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" # httpd or apache2 + name: "{{ apache_service }}" state: restarted - when: sugarizer_enabled | bool and not nginx_enabled | bool + when: apache_enabled | bool -- name: Restart nginx when enabled +# NGINX + +- name: Enable http://box/sugarizer via NGINX, by installing {{ nginx_config_dir }}/sugarizer-nginx.conf from template + template: + src: sugarizer-nginx.conf + dest: "{{ nginx_config_dir }}/sugarizer-nginx.conf" + when: nginx_install and sugarizer_enabled + +- name: Disable http://box/sugarizer via NGINX, by removing {{ nginx_config_dir }}/sugarizer-nginx.conf + file: + path: "{{ nginx_config_dir }}/sugarizer-nginx.conf" + state: absent + when: nginx_install and not sugarizer_enabled + +- name: Restart 'nginx' systemd service systemd: name: nginx state: restarted - daemon_reload: yes - when: sugarizer_enabled and nginx_enabled + when: nginx_enabled | bool + - name: Add 'sugarizer' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: sugarizer option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: Sugarizer diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index dc9b9e120..c60561aad 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -120,12 +120,6 @@ # when: internet_available and git_sug_server_output.changed # OLD WAY 3 # when: internet_available and not is_F18 and not node_modules_exists # OLD WAY 1 -#- name: Create the express framework for Node.js (Fedora 18) -# shell: npm install -# args: -# chdir: "{{ iiab_base }}/sugarizer/server" -# when: internet_available and is_F18 and not node_modules_exists - # Add a Node.js Express function that appends a prefix to URLs. # SEE "AUTO-INSERTED BY IIAB" ~61 LINES BELOW: as those two "pathPrefix" lines # MUST be added to /opt/iiab/sugarizer-server/sugarizer.js @@ -138,16 +132,16 @@ # 5. CONFIG FILES -- name: "Install from templates: sugarizer.service (systemd), sugarizer-nginx.conf (nginx)" +- name: "Install from templates: /etc/systemd/system/sugarizer.service, /etc/apache2/sites-available/sugarizer.conf" template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0644 - owner: root - group: root + # owner: root + # group: root + # mode: '0644' with_items: - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' } - - { src: 'sugarizer.conf.j2', dest: '/etc/apache2/sites-available/sugarizer.conf' } + - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_config_dir }}/sugarizer.conf" } #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' } #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' } @@ -221,7 +215,7 @@ # # Use this instead, if tabs are truly nec: # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -- name: Add 'sugarizer_installed' variable values to {{ iiab_state_file }} +- name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^sugarizer_installed' diff --git a/roles/teamviewer/tasks/main.yml b/roles/teamviewer/tasks/main.yml index 65fb0bfbf..1a6dfc9c9 100644 --- a/roles/teamviewer/tasks/main.yml +++ b/roles/teamviewer/tasks/main.yml @@ -13,7 +13,7 @@ path: "{{ iiab_ini_file }}" section: teamviewer option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: teamviewer diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 00f8b2773..66bb4c0e8 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml @@ -58,7 +58,7 @@ path: "{{ iiab_ini_file }}" section: transmission option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: transmission diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb-lib/tasks/main.yml index 48c18d457..8cf7ce336 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb-lib/tasks/main.yml @@ -89,7 +89,7 @@ path: "{{ iiab_ini_file }}" section: usb-lib option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: usb-lib diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index c71e668e5..60912b3b4 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -31,7 +31,7 @@ path: "{{ iiab_ini_file }}" section: vnstat option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: vnStat diff --git a/roles/wordpress/tasks/enable.yml b/roles/wordpress/tasks/enable.yml index 3796a367b..397a48d61 100644 --- a/roles/wordpress/tasks/enable.yml +++ b/roles/wordpress/tasks/enable.yml @@ -1,27 +1,46 @@ -- name: Create symlink wordpress.conf from sites-enabled to sites-available, if wordpress_enabled (debuntu) - file: - src: /etc/apache2/sites-available/wordpress.conf - path: /etc/apache2/sites-enabled/wordpress.conf - state: link - when: wordpress_enabled and is_debuntu +# Apache -- name: Remove /etc/apache2/sites-enabled/wordpress.conf if not wordpress_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/wordpress.conf - state: absent - when: not wordpress_enabled and is_debuntu +- name: "Enable http://box{{ wp_url }} via Apache" + command: a2ensite wordpress.conf + when: apache_install and wordpress_enabled -- name: Restart Apache service ({{ apache_service }}) to enable/disable http://box{{ wp_url }} +- name: "Disable http://box{{ wp_url }} via Apache" + command: a2dissite wordpress.conf + when: apache_install and not wordpress_enabled + +- name: Restart Apache systemd service ({{ apache_service }}) systemd: - name: "{{ apache_service }}" + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml state: restarted + when: apache_enabled | bool + +# NGINX + +- name: "Enable http://box{{ wp_url }} via NGINX, by installing {{ nginx_config_dir }}/wordpress-nginx.conf from template" + template: + src: wordpress-nginx.conf.j2 + dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" + when: nginx_install and wordpress_enabled + +- name: "Disable http://box{{ wp_url }} via NGINX, by removing {{ nginx_config_dir }}/wordpress-nginx.conf" + file: + path: "{{ nginx_config_dir }}/wordpress-nginx.conf" + state: absent + when: nginx_install and not wordpress_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted + when: nginx_enabled | bool + - name: Add 'wordpress' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" section: wordpress option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: WordPress diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 4bf624f49..629edf133 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -16,24 +16,24 @@ url: "{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest: "{{ downloads_dir }}" timeout: "{{ download_timeout }}" -# force: yes -# backup: yes + # force: yes + # backup: yes register: wp_download_output when: internet_available | bool -- name: Create symlink from /opt/iiab/downloads/wordpress.tar.gz to {{ wp_download_output.dest }} +- name: Symlink {{ downloads_dir }}/wordpress.tar.gz -> {{ wp_download_output.dest }} file: src: "{{ wp_download_output.dest }}" - path: "{{ downloads_dir }}/wordpress.tar.gz" + path: "{{ downloads_dir }}/wordpress.tar.gz" # /opt/iiab/downloads state: link when: wp_download_output.dest is defined -- name: Does /opt/iiab/downloads/wordpress.tar.gz link exist? +- name: Does {{ downloads_dir }}/wordpress.tar.gz link exist? stat: - path: "{{ downloads_dir }}/wordpress.tar.gz" + path: "{{ downloads_dir }}/wordpress.tar.gz" # /opt/iiab/downloads register: wp_link -- name: FAIL (force Ansible to exit) IF /opt/iiab/downloads/wordpress.tar.gz doesn't exist +- name: FAIL (force Ansible to exit) IF {{ downloads_dir }}/wordpress.tar.gz doesn't exist fail: msg: "{{ downloads_dir }}/wordpress.tar.gz is REQUIRED in order to install WordPress." when: not wp_link.stat.exists @@ -42,22 +42,11 @@ unarchive: src: "{{ downloads_dir }}/wordpress.tar.gz" dest: "{{ wp_install_path }}" - owner: root - group: "{{ apache_user }}" - mode: 0664 + # owner: root + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0664' keep_newer: yes -# - name: Rename /library/wordpress* to /library/wordpress -# shell: if [ ! -d {{ wp_abs_path }} ]; then mv {{ wp_abs_path }}* {{ wp_abs_path }}; fi - -#- name: Make Apache owner and group, 1st pass permissions set to 0664 -# file: path={{ wp_abs_path }} -# recurse=yes -# owner=root -# group={{ apache_user }} -# mode=0664 -# state=directory - - name: Make /library/wordpress directories 775 so Apache can traverse and write (most files remain 0664) command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +" @@ -65,9 +54,9 @@ copy: src: wp-keys.php.BAK dest: "{{ wp_abs_path }}/wp-keys.php.BAK" - owner: root - group: "{{ apache_user }}" - mode: 0640 + # owner: root + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0640' # Fetch random salts for WordPress config into wp-keys.php file by generating script and running @@ -75,9 +64,9 @@ template: src: get-iiab-wp-salts.j2 dest: /tmp/get-iiab-wp-salts - owner: root - group: root - mode: 0700 + # owner: root + # group: root + mode: '0700' - name: Run /tmp/get-iiab-wp-salts to create /library/wordpress/wp-keys.php command: /tmp/get-iiab-wp-salts @@ -91,23 +80,17 @@ template: src: wp-config.php.j2 dest: "{{ wp_abs_path }}/wp-config.php" - owner: root - group: "{{ apache_user }}" - mode: 0660 + # owner: root + group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? + mode: '0660' - name: Install etc/{{ apache_config_dir }}/wordpress.conf from template, for http://box{{ wp_url }} template: src: wordpress.conf.j2 dest: "/etc/{{ apache_config_dir }}/wordpress.conf" - when: apache_enabled + when: apache_enabled | bool -- name: Install {{ nginx_config_dir }}/wordpress-nginx.conf from template, for http://box{{ wp_url }} - template: - src: wordpress-nginx.conf.j2 - dest: "{{ nginx_config_dir }}/wordpress-nginx.conf" - when: nginx_enabled - -- name: Add 'wordpress_installed' variable values to {{ iiab_state_file }} +- name: "Add 'wordpress_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" regexp: '^wordpress_installed' diff --git a/roles/xovis/tasks/main.yml b/roles/xovis/tasks/main.yml index ffdad5828..aab3f668d 100644 --- a/roles/xovis/tasks/main.yml +++ b/roles/xovis/tasks/main.yml @@ -86,7 +86,7 @@ path: "{{ iiab_ini_file }}" section: xovis option: "{{ item.option }}" - value: "{{ item.value }}" + value: "{{ item.value | string }}" with_items: - option: name value: xovis