Merge branch 'master' into cwivagg/matomo_20220618

iiab-network

@@ -94,3 +94,4 @@ echo "iiab-network run start: $Start"
 echo "iiab-network run end: $End"
 echo
 echo "Please REBOOT to fully verify your network -- graphical desktops MUST reboot!"
+exit 0

roles/0-init/tasks/validate_vars.yml

@@ -64,15 +64,12 @@
 # 2020-11-04: Fix validation of 5 [now 4] core dependencies, for ./runrole etc
 
 
-- name: Set vars_checklist for 46 + 46 + 42 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked
+- name: Set vars_checklist for 44 + 44 + 0 vars ("XYZ_install" + "XYZ_enabled" + "XYZ_installed") to be checked
   set_fact:
     vars_checklist:
       - hostapd
-      - dhcpd
-      - named
       - dnsmasq
       - bluetooth
-      #- wondershaper       # Unmaintained
       - sshd
       - openvpn
       - remoteit
@@ -81,18 +78,10 @@
       #- apache             # Unmaintained - former dependency
       #- mysql              # MANDATORY
       - squid
-      #- dansguardian       # Unmaintained
       - cups
       - samba
       - usb_lib
-      #- xo_services        # Unmaintained
-      #- activity_server    # Unmaintained
-      #- ejabberd_xs        # Unmaintained
-      #- idmgr              # Unmaintained
       - azuracast
-      #- dokuwiki           # Unmaintained
-      #- ejabberd           # Unmaintained
-      #- elgg               # Unmaintained
       - gitea
       - jupyterhub
       - lokole
@@ -168,3 +157,21 @@
     quiet: yes
   when: item != 'nodejs' and item != 'postgresql' and item != 'mongodb' and item != 'yarn'    # Exclude auto-installed dependencies
   loop: "{{ vars_checklist }}"
+
+- name: 'DISALLOW "XYZ_install: True" if deprecated'
+  assert:
+    that: "{{ item }}_install is undefined or not {{ item }}_install"
+    fail_msg: "DISALLOWED: '{{ item }}_install: True' (e.g. in /etc/iiab/local_vars.yml)"
+    quiet: yes
+  with_items:
+    - dhcpd               # Deprecated
+    - named               # Deprecated
+    - wondershaper        # Deprecated
+    - dansguardian        # Deprecated
+    #- xo_services        # Unmaintained
+    #- activity_server    # Unmaintained
+    #- ejabberd_xs        # Unmaintained
+    #- idmgr              # Unmaintained
+    #- dokuwiki           # Unmaintained
+    #- ejabberd           # Unmaintained
+    #- elgg               # Unmaintained

roles/1-prep/tasks/main.yml

@@ -23,12 +23,18 @@
     name: iiab-admin
   #when: iiab_admin_install    # Flag might be created in future?
 
-- name: Copy iiab-apps-to-be-installed from {{ iiab_dir }} to /usr/bin/
+- name: Copy iiab-apps-to-be-installed from {{ iiab_dir }}/scripts to /usr/bin/
   copy:
     src: "{{ iiab_dir }}/scripts/iiab-apps-to-be-installed"    # /opt/iiab/iiab
     dest: /usr/bin/
     mode: '0755'
 
+- name: Copy iiab-network from {{ iiab_dir }}/scripts to /usr/local/bin/
+  copy:
+    src: "{{ iiab_dir }}/scripts/iiab-network"
+    dest: /usr/local/bin/
+    mode: '0755'
+
 - name: Install ~12 network/wifi/related packages + Squid if necessary + configure /etc/sysctl.conf -- full configuration LATER in 'network', after Stage 9
   include_tasks: roles/network/tasks/install.yml
   when: network_install and network_installed is undefined

roles/firmware/tasks/main.yml

@@ -18,7 +18,7 @@
 
 - name: Install firmware (for RPi internal WiFi)
   include_tasks: install.yml
-  #when: firmware_installed is undefined
+  when: firmware_installed is undefined
 
 # Two variables are placed in /etc/iiab/iiab_state.yml:
 #

roles/firmware/templates/iiab-check-firmware

@@ -44,10 +44,11 @@ else
     echo -e "settings in /etc/iiab/local_vars.yml, please then run:"
     echo
     echo -e "  cd /opt/iiab/iiab"
-    echo -e "  sudo iiab-hotspot-off    # Sometimes nec, eg to restore 'wifi_up_down: True'"
-    echo -e "  sudo ./iiab-network      # Or, 'sudo ./runrole firmware' is SOMETIMES enough"
-    echo -e "  sudo iiab-hotspot-on     # Sometimes nec, eg to restore 'wifi_up_down: True'"
-    echo -e "  sudo poweroff\n"
+    echo -e "  sudo iiab-hotspot-off    # NO LONGER NEC? eg to restore 'wifi_up_down: True'"
+    echo -e "  sudo ./runrole --reinstall firmware"
+    echo -e "  sudo ./iiab-network      # SOMETIMES NECESSARY"
+    echo -e "  sudo iiab-hotspot-on     # NO LONGER NEC? eg to restore 'wifi_up_down: True'"
+    echo -e "  sudo reboot\n"
     #echo
     #echo -e "Disconnect your power cord before rebooting, for better WiFi firmware results.\n"
 fi

roles/firmware/templates/iiab-firmware-warn.sh

@@ -3,7 +3,7 @@
 if [ -f /tmp/.fw_modified ]; then
     echo -e "\n\e[41;1mWiFi Firmware link(s) modified, per iiab/iiab#2853: PLEASE REBOOT!\e[0m"
     echo
-    echo -e "If you want this warning to stop, run: sudo rm /tmp/.fw_modified\n"
+    echo -e "If you want this warning to stop, reboot to remove /tmp/.fw_modified\n"
 fi
 
 # \e[1m = bright white    \e[100;1m = bright white, on gray    \n\e[41;1m = bright white, on red

roles/kiwix/tasks/kiwix-apk.yml

@@ -6,7 +6,7 @@
 
 - name: Download kiwix.apk to {{ doc_root }}{{ kiwix_apk_url }}
   get_url:
-    url: "{{ kiwix_apk_src  }}"    # e.g. https://download.kiwix.org/release/kiwix-android/kiwix.apk
+    url: "{{ kiwix_apk_src }}"    # e.g. https://download.kiwix.org/release/kiwix-android/kiwix.apk formerly kiwix-3.5.0.apk
     dest: "{{ doc_root }}{{ kiwix_apk_url }}"
     timeout: "{{ download_timeout }}"
 

roles/network/tasks/NM-debian.yml

@@ -1,6 +1,6 @@
 # NM-debian.yml
-- name: Stopping services
-  include_tasks: down-debian.yml
+#- name: Stopping services
+#  include_tasks: down-debian.yml
 
 # provide keyfile layout like the XO's used way back.
 #- name: Create uuid for NM's keyfile store

roles/network/tasks/computed_services.yml

@@ -20,35 +20,35 @@
     iiab_network_mode: "Gateway"
   when: iiab_lan_iface != "none" and iiab_wan_iface != "none"
 
-- name: No LAN configured - non-dnsmasq
-  set_fact:
-    named_enabled: True
-    dhcpd_enabled: False
-    dhcp_service2: "dhcpd disabled"
-  when: not dnsmasq_enabled and iiab_network_mode == "Appliance"
+#- name: No LAN configured - non-dnsmasq
+#  set_fact:
+#    named_enabled: True
+#    dhcpd_enabled: False
+#    dhcp_service2: "dhcpd disabled"
+#  when: not dnsmasq_enabled and iiab_network_mode == "Appliance"
 
-- name: LAN configured - non-dnsmasq
-  set_fact:
-    named_enabled: True
-    dhcpd_enabled: True
-    dhcp_service2: "dhcpd"
-  when: not dnsmasq_enabled and iiab_network_mode != "Appliance"
+#- name: LAN configured - non-dnsmasq
+#  set_fact:
+#    named_enabled: True
+#    dhcpd_enabled: True
+#    dhcp_service2: "dhcpd"
+#  when: not dnsmasq_enabled and iiab_network_mode != "Appliance"
 
-- name: LAN configured - dnsmasq
-  set_fact:
-    named_enabled: False
-    dhcpd_enabled: False
-    dnsmasq_enabled: True
-    dhcp_service2: "dnsmasq"
-  when: dnsmasq_install and iiab_network_mode != "Appliance"
+#- name: LAN configured - dnsmasq
+#  set_fact:
+#    named_enabled: False
+#    dhcpd_enabled: False
+#    dnsmasq_enabled: True
+#    dhcp_service2: "dnsmasq"
+#  when: dnsmasq_install and iiab_network_mode != "Appliance"
 
-- name: LAN not configured - dnsmasq
-  set_fact:
-    named_enabled: False
-    dhcpd_enabled: False
-    dnsmasq_enabled: True
-    dhcp_service2: "dnsmasq"
-  when: dnsmasq_install and iiab_network_mode == "Appliance"
+#- name: LAN not configured - dnsmasq
+#  set_fact:
+#    named_enabled: False
+#    dhcpd_enabled: False
+#    dnsmasq_enabled: True
+#    dhcp_service2: "dnsmasq"
+#  when: dnsmasq_install and iiab_network_mode == "Appliance"
 
 - name: Add 'network' variable values (from computed_services.yml) to {{ iiab_ini_file }}
   ini_file:
@@ -71,12 +71,12 @@
     #  value: "{{ wondershaper_enabled }}"
     - option: iiab_network_mode_applied
       value: "{{ iiab_network_mode }}"
-    - option: dhcpd_enabled
-      value: "{{ dhcpd_enabled }}"
-    - option: dhcp_service2
-      value: "{{ dhcp_service2 }}"
-    - option: named_enabled
-      value: "{{ named_enabled }}"
+#    - option: dhcpd_enabled
+#      value: "{{ dhcpd_enabled }}"
+#    - option: dhcp_service2
+#      value: "{{ dhcp_service2 }}"
+#    - option: named_enabled
+#      value: "{{ named_enabled }}"
     - option: dnsmasq_enabled
       value: "{{ dnsmasq_enabled }}"
     - option: no_net_restart

roles/network/tasks/debian.yml

@@ -62,7 +62,7 @@
     regexp: "{{ iiab_wan_iface }}"
   when: wan_ip != "dhcp" and iiab_wan_iface != "none" and is_debian and not is_debian_8
 
-- include_tasks: down-debian.yml
+#- include_tasks: down-debian.yml
 
 - name: Reload systemd
   systemd:

roles/network/tasks/enable_services.yml

@@ -1,70 +1,72 @@
-- name: Disable dhcpd service
-  service:
-    name: dhcpd
-    enabled: no
-  when: (dhcpd_install or dhcpd_installed is defined) and not dhcpd_enabled
+#- name: Disable dhcpd service
+#  service:
+#    name: dhcpd
+#    enabled: no
+#  when: (dhcpd_install or dhcpd_installed is defined) and not dhcpd_enabled
 
 # service is restarted with NM dispatcher.d script
-- name: Enable dhcpd service
-  service:
-    name: dhcpd
-    enabled: yes
-  when: dhcpd_install and dhcpd_enabled
+#- name: Enable dhcpd service
+#  service:
+#    name: dhcpd
+#    enabled: yes
+#  when: dhcpd_install and dhcpd_enabled
 
-- name: Install /etc/sysconfig/dhcpd, /etc/dhcpd-iiab.conf from templates (root:root, 0644 by default)
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest }}"
+#- name: Install /etc/sysconfig/dhcpd, /etc/dhcpd-iiab.conf from templates (root:root, 0644 by default)
+#  template:
+#    src: "{{ item.src }}"
+#    dest: "{{ item.dest }}"
+#    # owner: root
+    # group: root
+    # mode: "{{ item.mode }}"
+#  with_items:
+#   - { src: 'dhcp/dhcpd-env.j2', dest: '/etc/sysconfig/dhcpd' }
+#   - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf' }
+#  when: dhcpd_install and dhcpd_enabled
+
+#- name: Install /etc/named-iiab.conf and two *.zone.db files into /var/named-iiab (root:root, 0644 by default)
+#  template:
+#    src: "{{ item.src }}"
+#    dest: "{{ item.dest }}"
     # owner: root
     # group: root
     # mode: "{{ item.mode }}"
-  with_items:
-   - { src: 'dhcp/dhcpd-env.j2', dest: '/etc/sysconfig/dhcpd' }
-   - { src: 'dhcp/dhcpd-iiab.conf.j2', dest: '/etc/dhcpd-iiab.conf' }
-  when: dhcpd_install and dhcpd_enabled
+#  with_items:
+#   - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf' }
+#   - { src: 'named/school.local.zone.db.j2', dest: '/var/named-iiab/school.local.zone.db' }
+#   - { src: 'named/school.internal.zone.db.j2', dest: '/var/named-iiab/school.internal.zone.db' }
+#  when: named_install and named_enabled
 
-- name: Install /etc/named-iiab.conf and two *.zone.db files into /var/named-iiab (root:root, 0644 by default)
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest }}"
-    # owner: root
-    # group: root
-    # mode: "{{ item.mode }}"
-  with_items:
-   - { src: 'named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf' }
-   - { src: 'named/school.local.zone.db.j2', dest: '/var/named-iiab/school.local.zone.db' }
-   - { src: 'named/school.internal.zone.db.j2', dest: '/var/named-iiab/school.internal.zone.db' }
-  when: named_install and named_enabled
+#- name: Enable named service ({{ dns_service }}) if named_enabled
+#  systemd:
+#    name: "{{ dns_service }}"
+#    enabled: yes
+#  when: named_install and named_enabled
 
-- name: Enable named service ({{ dns_service }}) if named_enabled
-  systemd:
-    name: "{{ dns_service }}"
-    enabled: yes
-  when: named_install and named_enabled
-
-- name: Disable named service ({{ dns_service }}) if not named_enabled
-  systemd:
-    name: "{{ dns_service }}"
-    enabled: no
-  when: (named_install or named_installed is defined) and not named_enabled
+#- name: Disable named service ({{ dns_service }}) if not named_enabled
+#  systemd:
+#    name: "{{ dns_service }}"
+#    enabled: no
+#  when: (named_install or named_installed is defined) and not named_enabled
 
 - name: Install /etc/dnsmasq.d/iiab.conf from template, when dnsmasq_enabled and isn't Appliance
   template:
     src: network/dnsmasq.conf.j2
     dest: /etc/dnsmasq.d/iiab.conf
-  when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance")
+  when: iiab_network_mode != "Appliance"
+#  when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance")
 
 - name: Install /etc/hosts.dnsmasq from template for /etc/dnsmasq.d/iiab.conf (instead of using /etc/hosts)
   template:
     src: network/hosts-dnsmasq.j2
     dest: /etc/hosts.dnsmasq
-  when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance")
+  when: iiab_network_mode != "Appliance"
+#  when: dnsmasq_install and dnsmasq_enabled and (iiab_network_mode != "Appliance")
 
 - name: Update /etc/dnsmasq.d/dnsmasq-iiab for custom dns setting
   template:
     src: network/dnsmasq-iiab
     dest: /etc/dnsmasq.d/dnsmasq-iiab
-  when: dnsmasq_install    # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ?
+#  when: dnsmasq_install    # 2020-05-10: Are all these dnsmasq_install conditions really still necessary ?
 
 ## Another way to skin the cat
 ##- name: Check if systemd service networkd-dispatcher is enabled
@@ -93,6 +95,8 @@
 #- debug:
 #    var: nd_dir
 
+# networkd-dispatcher not enabled for is_linuxmint https://github.com/iiab/iiab/issues/3278
+# might need the same dispatcher treatment using networkmanager-dispatcher to bring up dnsmasq or look at dnsmasq-iiab
 - name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04 or later) (root:root by default)
   template:
     src: roles/network/templates/network/dnsmasq.sh.j2
@@ -100,27 +104,28 @@
     mode: 0755
     # owner: root
     # group: root
-  when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
+  when: nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
+#  when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
   #when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
   #when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance")
 
-- name: Remove /etc/dnsmasq.d/iiab.conf, when not dnsmasq_enabled or is Appliance
+- name: Remove /etc/dnsmasq.d/iiab.conf, when is Appliance
   file:
     path: /etc/dnsmasq.d/iiab.conf
     state: absent
-  when: (not dnsmasq_enabled) or (iiab_network_mode == "Appliance")
+  when: iiab_network_mode == "Appliance"
 
 - name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled
   systemd:
     name: iiab-dnsmasq
     enabled: yes
-  when: dnsmasq_install and dnsmasq_enabled
+  when: dnsmasq_enabled
 
 - name: Disable iiab-dnsmasq, if not dnsmasq_enabled
   systemd:
     name: iiab-dnsmasq
     enabled: no
-  when: dnsmasq_install and not dnsmasq_enabled
+  when: not dnsmasq_enabled
 
 # - name: Enable DansGuardian systemd service, if dansguardian_enabled
 #   systemd:
@@ -139,13 +144,13 @@
     path: "{{ iiab_env_file }}"
     regexp: '^HTTPCACHE_ON=*'
     line: 'HTTPCACHE_ON=True'
-  when: squid_install and squid_enabled
+  when: squid_installed is defined and squid_enabled
 
 - name: Enable systemd service '{{ proxy }}' - if squid_install and squid_enabled
   systemd:
     name: "{{ proxy }}"    # squid (or 'squid3' on vars/debian-8.yml, vars/raspbian-8.yml)
     enabled: yes
-  when: squid_install and squid_enabled
+  when: squid_installed is defined and squid_enabled
 
 - name: Install /etc/{{ proxy }}/squid.conf from template (root:root, 0644 by default) - and create a timestamped backup of the original - if squid_install and squid_enabled
   template:
@@ -154,7 +159,7 @@
     # owner: "{{ proxy_user }}"    # proxy (or 'squid' on vars/centos-7.yml, vars/fedora-18.yml, vars/fedora-12.yml)
     # group: "{{ proxy_user }}"
     backup: yes
-  when: squid_install and squid_enabled
+  when: squid_installed is defined and squid_enabled
 
 # - name: Point /etc/init.d/{{ proxy }} to /etc/{{ proxy }}/squid-iiab.conf - if squid_install and squid_enabled
 #   lineinfile:
@@ -167,14 +172,14 @@
   systemd:
     name: "{{ proxy }}"
     enabled: no
-  when: (squid_install or squid_installed is defined) and not squid_enabled
+  when: squid_installed is defined and not squid_enabled
 
 - name: Revert {{ iiab_env_file }} to 'HTTPCACHE_ON=False' - if squid_install and not squid_enabled
   lineinfile:
     path: "{{ iiab_env_file }}"
     regexp: '^HTTPCACHE_ON=*'
     line: 'HTTPCACHE_ON=False'
-  when: squid_install and not squid_enabled
+  when: squid_installed is defined and not squid_enabled
 
 # - name: Enable Wondershaper service, if wondershaper_enabled
 #   systemd:

roles/network/tasks/install.yml

@@ -7,7 +7,7 @@
   package:
     name: networkd-dispatcher    # 15kB download: Dispatcher service for systemd-networkd connection status changes
     state: present
-  when: not is_raspbian
+  when: not is_raspbian or not is_linuxmint
 
 # 2021-07-27 from @jvonau: 3 apt packages BELOW (iw, rfkill, wireless-tools)
 # are provided by RasPiOS.  Ubuntu|Debian on the other hand are hit or miss:
@@ -62,14 +62,14 @@
 
 
 # UNMAINTAINED
-- name: Install named / BIND
-  include_tasks: roles/network/tasks/named.yml
-  when: named_install is defined and named_install
+#- name: Install named / BIND
+#  include_tasks: roles/network/tasks/named.yml
+#  when: named_install is defined and named_install
 
 # UNMAINTAINED
-- name: Install dhcpd
-  include_tasks: roles/network/tasks/dhcpd.yml
-  when: dhcpd_install is defined and dhcpd_install
+#- name: Install dhcpd
+#  include_tasks: roles/network/tasks/dhcpd.yml
+#  when: dhcpd_install is defined and dhcpd_install
 
 # LESS MAINTAINED
 - name: Install Squid

roles/network/tasks/main.yml

@@ -47,17 +47,17 @@
   #   include_tasks: wondershaper.yml
   #   when: wondershaper_install or wondershaper_installed is defined
 
-  - name: (Re)Install named
-    include_tasks: named.yml
-    when: named_install and FQDN_changed and iiab_stage|int == 9
+#  - name: (Re)Install named
+#    include_tasks: named.yml
+#    when: named_install and FQDN_changed and iiab_stage|int == 9
 
-  - name: (Re)Install dhcpd
-    include_tasks: dhcpd.yml
-    when: dhcpd_install and FQDN_changed and iiab_stage|int == 9
+#  - name: (Re)Install dhcpd
+#    include_tasks: dhcpd.yml
+#    when: dhcpd_install and FQDN_changed and iiab_stage|int == 9
 
-  - name: (Re)Install Squid
-    include_tasks: squid.yml
-    when: squid_install and FQDN_changed and iiab_stage|int == 9
+#  - name: (Re)Install Squid
+#    include_tasks: squid.yml
+#    when: squid_install and FQDN_changed and iiab_stage|int == 9
 
   #preprep for backends
   - name: Netplan in use on Ubuntu 18.04+

roles/network/tasks/restart.yml

@@ -29,11 +29,11 @@
   shell: netplan apply
   when: wifi_up_down and is_ubuntu and netplan.stdout.find("yaml") != -1
 
-- name: Start named service
-  systemd:
-    name: "{{ dns_service }}"
-    state: restarted
-  when: named_enabled and named_install
+#- name: Start named service
+#  systemd:
+#    name: "{{ dns_service }}"
+#    state: restarted
+#  when: named_enabled and named_install
 
 - name: Stop Squid service
   systemd:
@@ -98,11 +98,13 @@
 #both interfaces.d and systemd-networkd should have br0 available and Appliance lacks br0
 #keep an eye on legacy wifi installs where br0 is present but not 'online' with an ip address
 #due to hostapd didn't go to a carrier state. All others should get dnsmasq restarted
-- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }}
+#- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }}
+- name: Restarting dnsmasq
   systemd:
-    name: "{{ dhcp_service2 }}"
+    name: dnsmasq
     state: restarted
-  when: (not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9)
+  when: dnsmasq_enabled and ((not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9))
+#  when: (not no_net_restart or (is_ubuntu and wifi_up_down)) or (iiab_stage|int == 9)
   #when: (not no_net_restart or (is_ubuntu_20 and wifi_up_down)) or (iiab_stage|int == 9)
   #when: (not no_net_restart or (is_ubuntu_20 and wifi_up_down))
   #when: (iiab_network_mode != "Appliance")    # Sufficient b/c br0 exists thanks to /etc/network/interfaces.d/iiab

roles/network/tasks/rpi_debian.yml

@@ -54,8 +54,8 @@
     src: network/dnsmasq-iiab
   when: iiab_lan_iface == "br0"
 
-- name: Stopping services
-  include_tasks: down-debian.yml
+#- name: Stopping services
+#  include_tasks: down-debian.yml
 
 - name: Reload systemd
   systemd:

roles/network/tasks/sysd-netd-debian.yml

@@ -44,8 +44,8 @@
 
   #when: wan_ip != "dhcp" and not is_ubuntu_18
 
-- name: Stopping services
-  include_tasks: down-debian.yml
+#- name: Stopping services
+#  include_tasks: down-debian.yml
 
 - name: Reload systemd
   systemd:
@@ -64,9 +64,17 @@
     enabled: yes
     masked: no
 
+- name: Enable & Restart systemd-resolved.service
+  systemd:
+    name: systemd-resolved
+    state: restarted
+    enabled: yes
+    masked: no
+
 - name: Enable & Restart networkd-dispatcher.service
   systemd:
     name: networkd-dispatcher
     state: restarted
     enabled: yes
     masked: no
+  when: not is_linuxmint

scripts/ansible

@@ -8,7 +8,7 @@
 
 APT_PATH=/usr/bin     # Avoids problematic /usr/local/bin/apt on Linux Mint
 CURR_VER=undefined    # Ansible version you have installed, e.g. [core 2.13.0]
-GOOD_VER=2.13.1       # Orig for 'yum install [rpm]' & XO laptops (pip install)
+GOOD_VER=2.13.2       # Orig for 'yum install [rpm]' & XO laptops (pip install)
 
 # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and
 # .gpg key etc) are commented out with ### below.  Associated guidance/comments
@@ -34,6 +34,8 @@ GOOD_VER=2.13.1       # Orig for 'yum install [rpm]' & XO laptops (pip install)
 # https://www.ansible.com/blog/ansible-3.0.0-qa
 # https://github.com/ansible/ansible/tags
 # https://github.com/ansible/ansible/releases (OLD)
+# https://github.com/ansible/ansible/commits/stable-2.13
+# https://github.com/ansible/ansible/blob/stable-2.13/changelogs/CHANGELOG-v2.13.rst
 # https://github.com/ansible/ansible/commits/stable-2.12
 # https://github.com/ansible/ansible/blob/stable-2.12/changelogs/CHANGELOG-v2.12.rst
 # https://github.com/ansible/ansible/blob/devel/docs/docsite/rst/roadmap/ROADMAP_2_12.rst

scripts/iiab-network

@@ -0,0 +1,7 @@
+#!/bin/bash -e
+cd /opt/iiab/iiab
+sudo ./iiab-network
+rc=$?
+if [[ $rc == "0" ]]; then
+    sudo touch /etc/iiab/install-flags/iiab-network-complete
+fi

scripts/local_facts.fact

@@ -64,6 +64,7 @@ OS_VER="$OS-$VERSION_ID"
     #"ubuntu-18"    | \
     #"ubuntu-19"    | \
     #"ubuntu-2104"  | \
+    #"ubuntu-2110"  | \
     #"centos-7"     | \
     #"raspbian-8"   | \
     #"raspbian-9"   | \
@@ -76,7 +77,6 @@ case $OS_VER in
     "debian-11"    | \
     "debian-12"    | \
     "ubuntu-2004"  | \
-    "ubuntu-2110"  | \
     "ubuntu-2204"  | \
     "ubuntu-2210"  | \
     "linuxmint-20" | \

vars/debian-11.yml

@@ -4,23 +4,17 @@ is_debuntu: True
 is_debian: True    # Opposite of is_ubuntu for now
 is_debian_11: True
 
-# 2019-01-31: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dhcp_service: isc-dhcp-server
-dns_user: bind
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_conf_dir: apache2/sites-available
 apache_user: www-data
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 7.4

vars/debian-12.yml

@@ -4,23 +4,17 @@ is_debuntu: True
 is_debian: True    # Opposite of is_ubuntu for now
 is_debian_12: True
 
-# 2019-01-31: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dhcp_service: isc-dhcp-server
-dns_user: bind
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_conf_dir: apache2/sites-available
 apache_user: www-data
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 8.1

vars/default_vars.yml

@@ -201,13 +201,13 @@ dnsmasq_install: True
 dnsmasq_enabled: True
 
 # UNMAINTAINED as of July 2021
-dhcpd_install: False
-dhcpd_enabled: False
+#dhcpd_install: False
+#dhcpd_enabled: False
 
 # UNMAINTAINED as of July 2021
 # named (BIND)
-named_install: False
-named_enabled: False
+#named_install: False
+#named_enabled: False
 block_DNS: False
 
 # Enable in local_vars.yml AFTER installing IIAB!  Then run "cd /opt/iiab/iiab; ./iiab-network"
@@ -357,20 +357,20 @@ nodocs: False
 # http://lists.laptop.org/pipermail/server-devel/ if you're able to help test.
 
 # UNMAINTAINED since about 2012-2017
-xo_services_install: False    # 2020-01-23: UNUSED
-xo_services_enabled: False    # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html
+#xo_services_install: False    # 2020-01-23: UNUSED
+#xo_services_enabled: False    # 2020-01-23: Used in idmgr/tasks/main.yml & iiab-admin-console/roles/console/files/htmlf/20-configure.html
 
 # UNMAINTAINED since about 2012-2017
-activity_server_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml)
-activity_server_enabled: False    # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml)
+#activity_server_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml (originally defined in activity-server/defaults/main.yml)
+#activity_server_enabled: False    # 2020-01-23: Used in activity-server/tasks/main.yml (originally defined in activity-server/defaults/main.yml)
 
 # UNMAINTAINED since about 2012-2017: consider 'ejabberd' in Stage 6-GENERIC-APPS below?
-ejabberd_xs_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml
-ejabberd_xs_enabled: False    # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml
+#ejabberd_xs_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml & roles/ejabberd_xs/tasks/main.yml
+#ejabberd_xs_enabled: False    # 2020-01-23: Used in roles/ejabberd_xs/tasks/main.yml
 
 # UNMAINTAINED since about 2012-2017: change calibre_port from 8080 to 8010 below, if you use idmgr
-idmgr_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml
-idmgr_enabled: False    # 2020-01-23: UNUSED
+#idmgr_install: False    # 2020-01-23: Used in 5-xo-services/tasks/main.yml
+#idmgr_enabled: False    # 2020-01-23: UNUSED
 
 
 # 6-GENERIC-APPS
@@ -388,17 +388,17 @@ azuracast_https_port: 10443
 azuracast_port_range_prefix: 10
 
 # UNMAINTAINED as of January 2020: https://github.com/iiab/iiab/issues/2056
-dokuwiki_install: False
-dokuwiki_enabled: False
-dokuwiki_url: /dokuwiki
+#dokuwiki_install: False
+#dokuwiki_enabled: False
+#dokuwiki_url: /dokuwiki
 
 # UNMAINTAINED as of November 2019
-ejabberd_install: False
-ejabberd_enabled: False
+#ejabberd_install: False
+#ejabberd_enabled: False
 
 # UNMAINTAINED as of July 2021
-elgg_install: False
-elgg_enabled: False
+#elgg_install: False
+#elgg_enabled: False
 # elgg_mysql_password: $6$iiab51$jeTwnATcbaa92xo0QBTgjLBU.5aVDDrbKeNyyC99R/TAWz6pvfzj.L7lfnOVVjD78nxqT.gkNn6XZmuRV0W3o1
 elgg_mysql_password: elgg4kids
 
@@ -486,7 +486,7 @@ kiwix_port: 3000
 iiab_zim_path: "{{ content_base }}/zims"    # /library/zims
 kiwix_incl_apk: False
 kiwix_apk_url: /software/kiwix
-kiwix_apk_src: https://download.kiwix.org/release/kiwix-android/kiwix-3.4.5.apk
+kiwix_apk_src: https://download.kiwix.org/release/kiwix-android/kiwix.apk
 
 # 2020-09-24: BOTH VALUES BELOW ARE IGNORED as PostgreSQL is installed on
 # demand as a dependency -- by Moodle &/or Pathagar

vars/linuxmint-20.yml

@@ -6,23 +6,17 @@ is_ubuntu_20: True
 is_linuxmint: True
 is_linuxmint_20: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_user: www-data
 apache_conf_dir: apache2/sites-available
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 7.4

vars/linuxmint-21.yml

@@ -6,23 +6,17 @@ is_ubuntu_2204: True
 is_linuxmint: True
 is_linuxmint_21: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_user: www-data
 apache_conf_dir: apache2/sites-available
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 8.1

vars/raspbian-11.yml

@@ -6,23 +6,17 @@ is_debian_11: True
 is_raspbian: True
 is_raspbian_11: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_conf_dir: apache2/sites-available
 apache_user: www-data
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: ssh
 sshd_service: ssh
 php_version: 7.4

vars/ubuntu-2004.yml

@@ -4,23 +4,17 @@ is_debuntu: True
 is_ubuntu: True    # Opposite of is_debian for now
 is_ubuntu_2004: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_user: www-data
 apache_conf_dir: apache2/sites-available
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 7.4

vars/ubuntu-2204.yml

@@ -4,23 +4,17 @@ is_debuntu: True
 is_ubuntu: True    # Opposite of is_debian for now
 is_ubuntu_2204: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_user: www-data
 apache_conf_dir: apache2/sites-available
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 8.1

vars/ubuntu-2210.yml

@@ -4,23 +4,17 @@ is_debuntu: True
 is_ubuntu: True    # Opposite of is_debian for now
 is_ubuntu_2210: True
 
-# 2019-03-23: These apply if-only-if named_install and/or dhcpd_install are True
-# (This is quite rare now that vars/default_vars.yml sets dnsmasq_install: True)
-dns_service: bind9
-dns_user: bind
-dhcp_service: isc-dhcp-server
-
 proxy: squid
 proxy_user: proxy
 apache_service: apache2
 apache_user: www-data
 apache_conf_dir: apache2/sites-available
 apache_log_dir: /var/log/apache2
+apache_log: /var/log/apache2/access.log
 smb_service: smbd
 nmb_service: nmbd
 systemctl_program: /bin/systemctl
 mysql_service: mariadb
-apache_log: /var/log/apache2/access.log
 sshd_package: openssh-server
 sshd_service: ssh
 php_version: 8.1