From f24be12fc681d8e5c964cbb253d1052bb4a9b496 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 08:40:05 -0500 Subject: [PATCH 01/45] Update openvpn/tasks/main.yml --- roles/openvpn/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 8e32472fa..3463881a7 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -208,7 +208,7 @@ - option: name value: OpenVPN - option: description - value: "OpenVPN enables live/remote support by connecting machines anywhere on the Internet, via a middleman server, using Virtual Private Network (VPN) techniques to create secure connections." + value: '"OpenVPN enables live/remote support by connecting machines anywhere on the Internet, via a middleman server, using Virtual Private Network (VPN) techniques to create secure connections."' - option: enabled value: "{{ openvpn_enabled }}" # openvpn_handle variable can no longer be left completely undefined of August 2018 (EMPTY STRING "" IS TOLERATED, in which case OpenVPN server should use /etc/iiab/uuid in lieu of the handle) From 4a600681b7b2f940c50086fec9e9a5b366fe2969 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 08:47:39 -0500 Subject: [PATCH 02/45] Update wordpress/tasks/nginx.yml --- roles/wordpress/tasks/nginx.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/wordpress/tasks/nginx.yml b/roles/wordpress/tasks/nginx.yml index 348d06f45..c55d1223e 100644 --- a/roles/wordpress/tasks/nginx.yml +++ b/roles/wordpress/tasks/nginx.yml @@ -1,10 +1,10 @@ -- name: Enable http://box{{ wp_url }} via NGINX, by installing {{ nginx_conf_dir }}/wordpress-nginx.conf from template +- name: Enable http://box{{ wp_url }} via NGINX, by installing {{ nginx_conf_dir }}/wordpress-nginx.conf from template # http://box/wordpress template: src: wordpress-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/wordpress-nginx.conf" # /etc/nginx/conf.d when: wordpress_enabled -- name: Disable http://box{{ wp_url }} via NGINX, by removing {{ nginx_conf_dir }}/wordpress-nginx.conf +- name: Disable http://box{{ wp_url }} via NGINX, by removing {{ nginx_conf_dir }}/wordpress-nginx.conf # http://box/wordpress file: path: "{{ nginx_conf_dir }}/wordpress-nginx.conf" # /etc/nginx/conf.d state: absent From 7ce7e7f9bfc6ad698df748899d23156b876123e2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 08:52:31 -0500 Subject: [PATCH 03/45] osm-vector-maps/tasks/nginx.yml --- roles/osm-vector-maps/tasks/nginx.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/osm-vector-maps/tasks/nginx.yml b/roles/osm-vector-maps/tasks/nginx.yml index 88ed0cc3d..b764220d6 100644 --- a/roles/osm-vector-maps/tasks/nginx.yml +++ b/roles/osm-vector-maps/tasks/nginx.yml @@ -1,12 +1,12 @@ - name: Enable http://box/maps & http://box/osm-vector-maps via NGINX, by installing {{ nginx_conf_dir }}/osm-vector-maps-nginx.conf from template template: src: osm-vector-maps-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" + dest: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" # /etc/nginx/conf.d when: osm_vector_maps_enabled | bool - name: Disable http://box/maps & http://box/osm-vector-maps via NGINX, by removing {{ nginx_conf_dir }}/osm-vector-maps-nginx.conf file: - path: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" + path: "{{ nginx_conf_dir }}/osm-vector-maps-nginx.conf" # /etc/nginx/conf.d state: absent when: not osm_vector_maps_enabled From f897b4dce1512148d4f38bdaf7726e552ada6915 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 08:54:13 -0500 Subject: [PATCH 04/45] Create nextcloud/tasks/nginx.html --- roles/nextcloud/tasks/nginx.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/nextcloud/tasks/nginx.yml diff --git a/roles/nextcloud/tasks/nginx.yml b/roles/nextcloud/tasks/nginx.yml new file mode 100644 index 000000000..80001b232 --- /dev/null +++ b/roles/nextcloud/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template # http://box/nextcloud + template: + src: nextcloud-nginx.conf.j2 + dest: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d + when: nextcloud_enabled | bool + +- name: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf # http://box/nextcloud + file: + path: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not nextcloud_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted From ce44f9c58ce5332c5c54ae9d8f1454188197f55b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 08:56:48 -0500 Subject: [PATCH 05/45] Create nextcloud/tasks/apache.yml --- roles/nextcloud/tasks/apache.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 roles/nextcloud/tasks/apache.yml diff --git a/roles/nextcloud/tasks/apache.yml b/roles/nextcloud/tasks/apache.yml new file mode 100644 index 000000000..30bf91694 --- /dev/null +++ b/roles/nextcloud/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud + command: a2ensite nextcloud.conf + when: nextcloud_enabled + +- name: Disable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud + command: a2dissite nextcloud.conf + when: not nextcloud_enabled + +- name: Restart '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted From c99ad1a587ded3a4444c6ed91b09f859a97ba220 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:11:42 -0500 Subject: [PATCH 06/45] Delete nextcloud/tasks/enable.yml --- roles/nextcloud/tasks/enable.yml | 58 -------------------------------- 1 file changed, 58 deletions(-) delete mode 100644 roles/nextcloud/tasks/enable.yml diff --git a/roles/nextcloud/tasks/enable.yml b/roles/nextcloud/tasks/enable.yml deleted file mode 100644 index 2170bc9a9..000000000 --- a/roles/nextcloud/tasks/enable.yml +++ /dev/null @@ -1,58 +0,0 @@ -# Apache - -- name: Enable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud - command: a2ensite nextcloud.conf - when: apache_install and nextcloud_enabled - -- name: Disable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud - command: a2dissite nextcloud.conf - when: apache_install and not nextcloud_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: "SHIM: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template" # http://box/nextcloud - template: - src: nextcloud-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" - when: nginx_install and nextcloud_enabled - -- name: "SHIM: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf" # http://box/nextcloud - file: - path: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" - state: absent - when: nginx_install and not nextcloud_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'nextcloud' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: Nextcloud - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Nextcloud - - option: description - value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."' - - option: path - value: "{{ nextcloud_prefix }}/nextcloud" - #- option: nextcloud_force_install - # value: "{{ nextcloud_force_install }}" - - option: nextcloud_orig_src_file - value: "{{ nextcloud_orig_src_file }}" - - option: nextcloud_src_file - value: "{{ nextcloud_src_file }}" - - option: nextcloud_enabled - value: "{{ nextcloud_enabled }}" From 9ebffba965846e974c6d93cea7d87e7c9944e319 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:21:00 -0500 Subject: [PATCH 07/45] Update nextcloud/tasks/install.yml --- roles/nextcloud/tasks/install.yml | 73 +++++++++++++++++-------------- 1 file changed, 39 insertions(+), 34 deletions(-) diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 188a343ef..30c7f9897 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -105,23 +105,23 @@ # NOT NEC TO TEST FOR is_raspbian_8 OR is_raspbian_9 AS /opt/iiab/iiab/vars/.yml # DEFINES THESE AS SUBSETS OF is_debian_8 OR is_debian_9 (FOR NOW!) -# we need to install the rpm in order to get the dependencies -# but we only need to do this the first time - -- name: Install 7 php packages (redhat) - package: - name: - - php - - php-gd - - php-json - - php-mysql - - php-curl - - php-intl - - php-mcrypt - # CentOS does not have a package for php-imagick - #- php-imagick - state: present - when: is_redhat | bool +## we need to install the rpm in order to get the dependencies +## but we only need to do this the first time +# +#- name: Install 7 php packages (redhat) +# package: +# name: +# - php +# - php-gd +# - php-json +# - php-mysql +# - php-curl +# - php-intl +# - php-mcrypt +# # CentOS does not have a package for php-imagick +# #- php-imagick +# state: present +# when: is_redhat | bool - name: Unarchive {{ nextcloud_src_file_old }} to permanent location {{ nextcloud_prefix }}/nextcloud on older OS's lacking PHP 7.1+ # i.e. unpack nextcloud_latest-15.tar.bz2 to /opt/nextcloud unarchive: @@ -139,32 +139,32 @@ when: php_new | bool #when: nextcloud_force_install and not (is_debian_9 or is_raspbian_9 or is_ubuntu_16) -- name: Create dir /etc/nextcloud (centos) for a subsequent config dir that's symlinked to /etc/nextcloud ? - file: - path: /etc/nextcloud - state: directory - when: is_centos | bool - -- name: Install {{ nextcloud_prefix }}/nextcloud/config/autoconfig.php from template (centos) - template: - src: autoconfig.php.j2 - dest: "{{ nextcloud_prefix }}/nextcloud/config/autoconfig.php" - owner: "{{ apache_user }}" - group: "{{ apache_user }}" - mode: '0640' - when: is_centos | bool +#- name: Create dir /etc/nextcloud (centos) for a subsequent config dir that's symlinked to /etc/nextcloud ? +# file: +# path: /etc/nextcloud +# state: directory +# when: is_centos | bool +# +#- name: Install {{ nextcloud_prefix }}/nextcloud/config/autoconfig.php from template (centos) +# template: +# src: autoconfig.php.j2 +# dest: "{{ nextcloud_prefix }}/nextcloud/config/autoconfig.php" +# owner: "{{ apache_user }}" +# group: "{{ apache_user }}" +# mode: '0640' +# when: is_centos | bool - name: chown -R {{ apache_user }}:{{ apache_user }} {{ nextcloud_prefix }}/nextcloud file: - path: "{{ nextcloud_prefix }}/nextcloud" + path: "{{ nextcloud_prefix }}/nextcloud" # /opt owner: "{{ apache_user }}" group: "{{ apache_user }}" recurse: yes state: directory -- name: Create data directory {{ nextcloud_data_dir }} # /opt/nextcloud/data +- name: Create data directory {{ nextcloud_data_dir }} file: - path: "{{ nextcloud_data_dir }}" + path: "{{ nextcloud_data_dir }}" # /opt/nextcloud/data owner: "{{ apache_user }}" group: "{{ apache_user }}" mode: '0750' @@ -175,6 +175,11 @@ src: nextcloud.conf.j2 dest: "/etc/{{ apache_config_dir }}/nextcloud.conf" + +- name: Provision Nextcloud's MySQL DB, run Nextcloud's install wizard etc + include_tasks: setup.yml + + - name: "Add 'nextcloud_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From f5180d99a2ebefff64e30e3976cbe360fcc0f372 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:22:32 -0500 Subject: [PATCH 08/45] Update nextcloud/tasks/main.yml --- roles/nextcloud/tasks/main.yml | 69 +++++++++++++++++++++++++++------- 1 file changed, 55 insertions(+), 14 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index b89120da4..abe6e4131 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -1,18 +1,59 @@ -- name: Does /opt/nextcloud/version.php exist? - stat: - path: "{{ nextcloud_prefix }}/nextcloud/version.php" - register: nextcloud_page +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: FORCE INSTALL OR REINSTALL OR UPGRADE IF {{ nextcloud_prefix }}/nextcloud/version.php DOESN'T EXIST - #set_fact: - # nextcloud_force_install: True +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "nextcloud_install is sameas true" (boolean not string etc) + assert: + that: nextcloud_install is sameas true + fail_msg: "PLEASE SET 'nextcloud_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "nextcloud_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: nextcloud_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'nextcloud_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + + +#- name: Does {{ nextcloud_prefix }}//nextcloud/version.php exist? # /opt +# stat: +# path: "{{ nextcloud_prefix }}/nextcloud/version.php" +# register: nextcloud_page + +- name: Install Nextcloud if 'nextcloud_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml - when: nextcloud_install and (not nextcloud_installed is defined or not nextcloud_page.stat.exists) + when: nextcloud_installed is undefined # or not nextcloud_page.stat.exists -- name: Provision Nextcloud's MySQL DB, run Nextcloud's install wizard, etc - include_tasks: setup.yml - when: nextcloud_install and not installing -- name: Enable or disable Nextcloud - include_tasks: enable.yml - when: nextcloud_install or nextcloud_installed is defined +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'nextcloud' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" + section: Nextcloud + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Nextcloud + - option: description + value: '"Nextcloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."' + - option: path + value: "{{ nextcloud_prefix }}/nextcloud" + - option: nextcloud_orig_src_file + value: "{{ nextcloud_orig_src_file }}" + - option: nextcloud_src_file + value: "{{ nextcloud_src_file }}" + - option: nextcloud_enabled + value: "{{ nextcloud_enabled }}" From 92433424cf9b486852026777449b546ab02b7252 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:25:23 -0500 Subject: [PATCH 09/45] Update cups/tasks/main.yml --- roles/cups/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 46f5959a6..a8ad276ee 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -74,7 +74,7 @@ - option: name value: CUPS - option: description - value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' + value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - option: installed value: "{{ cups_install }}" - option: cups_enabled From 0e71e0fc7e4fc6049dac47717922381b964e9ce0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:26:49 -0500 Subject: [PATCH 10/45] Update kiwix/tasks/enable.yml --- roles/kiwix/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kiwix/tasks/enable.yml b/roles/kiwix/tasks/enable.yml index f4fff7ca2..0276b08a6 100644 --- a/roles/kiwix/tasks/enable.yml +++ b/roles/kiwix/tasks/enable.yml @@ -82,7 +82,7 @@ - option: name value: Kiwix - option: description - value: '"Part of https://github.com/kiwix/kiwix-tools/ - kiwix-serve is the most used web server for ZIM files."' + value: '"Part of https://github.com/kiwix/kiwix-tools/ -- kiwix-serve is the most used web server for ZIM files."' - option: kiwix_url value: "{{ kiwix_url }}" - option: kiwix_path From 281bb0ff51478e002a9284691dff27f4b74f1d7b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:28:49 -0500 Subject: [PATCH 11/45] Update sugarizer/tasks/enable.yml --- roles/sugarizer/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml index 37969819b..5e9667bd9 100644 --- a/roles/sugarizer/tasks/enable.yml +++ b/roles/sugarizer/tasks/enable.yml @@ -67,6 +67,6 @@ - option: name value: Sugarizer - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - option: sugarizer_enabled value: "{{ sugarizer_enabled }}" From 0a13340c3ecf628cb08b574d6105c647affcca3a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:45:18 -0500 Subject: [PATCH 12/45] Create apache.yml --- roles/sugarizer/tasks/apache.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 roles/sugarizer/tasks/apache.yml diff --git a/roles/sugarizer/tasks/apache.yml b/roles/sugarizer/tasks/apache.yml new file mode 100644 index 000000000..cab445322 --- /dev/null +++ b/roles/sugarizer/tasks/apache.yml @@ -0,0 +1,12 @@ +- name: Enable http://box/sugarizer & http://box/sugar via Apache + command: a2ensite sugarizer.conf + when: sugarizer_enabled + +- name: Disable http://box/sugarizer & http://box/sugar via Apache + command: a2dissite sugarizer.conf + when: not sugarizer_enabled + +- name: Restart '{{ apache_service }}' systemd service + systemd: + name: "{{ apache_service }}" # apache2 or httpd, as set in /opt/iiab/iiab/vars/.yml + state: restarted From ab0e9134e4b59a9fb3a05bbf903cef6cecce5f69 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:48:29 -0500 Subject: [PATCH 13/45] Update wordpress/tasks/nginx.yml --- roles/wordpress/tasks/nginx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wordpress/tasks/nginx.yml b/roles/wordpress/tasks/nginx.yml index c55d1223e..67be63850 100644 --- a/roles/wordpress/tasks/nginx.yml +++ b/roles/wordpress/tasks/nginx.yml @@ -2,7 +2,7 @@ template: src: wordpress-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/wordpress-nginx.conf" # /etc/nginx/conf.d - when: wordpress_enabled + when: wordpress_enabled | bool - name: Disable http://box{{ wp_url }} via NGINX, by removing {{ nginx_conf_dir }}/wordpress-nginx.conf # http://box/wordpress file: From 84c4a8c1f2532bf439cd9b8ed1f8bec198daecd5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:48:58 -0500 Subject: [PATCH 14/45] Update wordpress/tasks/apache.yml --- roles/wordpress/tasks/apache.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wordpress/tasks/apache.yml b/roles/wordpress/tasks/apache.yml index 12949e363..7b76d43a7 100644 --- a/roles/wordpress/tasks/apache.yml +++ b/roles/wordpress/tasks/apache.yml @@ -1,6 +1,6 @@ - name: Enable http://box{{ wp_url }} via Apache # http://box/wordpress command: a2ensite wordpress.conf - when: wordpress_enabled + when: wordpress_enabled | bool - name: Disable http://box{{ wp_url }} via Apache # http://box/wordpress command: a2dissite wordpress.conf From 51b61b6966bfab448bae8adbb5795394b0bbc8f4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:51:07 -0500 Subject: [PATCH 15/45] Update nextcloud/tasks/apache.yml --- roles/nextcloud/tasks/apache.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/apache.yml b/roles/nextcloud/tasks/apache.yml index 30bf91694..f5de50ed7 100644 --- a/roles/nextcloud/tasks/apache.yml +++ b/roles/nextcloud/tasks/apache.yml @@ -1,6 +1,6 @@ - name: Enable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud command: a2ensite nextcloud.conf - when: nextcloud_enabled + when: nextcloud_enabled | bool - name: Disable http://box{{ nextcloud_url }} via Apache # http://box/nextcloud command: a2dissite nextcloud.conf From ef46a9dfe557db499742fd2f4ddbf23cb2ab7cfa Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:52:27 -0500 Subject: [PATCH 16/45] Update munin/tasks/apache.yml --- roles/munin/tasks/apache.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/munin/tasks/apache.yml b/roles/munin/tasks/apache.yml index f77cebc13..757ddddaf 100644 --- a/roles/munin/tasks/apache.yml +++ b/roles/munin/tasks/apache.yml @@ -1,6 +1,6 @@ - name: Enable http://box/munin via Apache command: a2ensite munin24.conf - when: munin_enabled + when: munin_enabled | bool - name: Disable http://box/munin via Apache command: a2dissite munin24.conf From b907f5aa1cde22d219d99cc0c28fc76473c7722e Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:52:52 -0500 Subject: [PATCH 17/45] Update munin/tasks/nginx.yml --- roles/munin/tasks/nginx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/munin/tasks/nginx.yml b/roles/munin/tasks/nginx.yml index cd1094451..455e154b8 100644 --- a/roles/munin/tasks/nginx.yml +++ b/roles/munin/tasks/nginx.yml @@ -2,7 +2,7 @@ template: src: munin24-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/munin24-nginx.conf" # /etc/nginx/conf.d - when: munin_enabled + when: munin_enabled | bool - name: Disable http://box/munin via NGINX, by installing {{ nginx_conf_dir }}/munin24-nginx.conf file: From e5d30b6c9dec0863aafc920a46dfc0e7515d2c8c Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 09:56:02 -0500 Subject: [PATCH 18/45] Create sugarizer/tasks/nginx.yml --- roles/sugarizer/tasks/nginx.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/sugarizer/tasks/nginx.yml diff --git a/roles/sugarizer/tasks/nginx.yml b/roles/sugarizer/tasks/nginx.yml new file mode 100644 index 000000000..6bd937537 --- /dev/null +++ b/roles/sugarizer/tasks/nginx.yml @@ -0,0 +1,16 @@ +- name: Enable http://box/sugarizer via NGINX, by installing {{ nginx_conf_dir }}/sugarizer-nginx.conf from template + template: + src: sugarizer-nginx.conf + dest: "{{ nginx_conf_dir }}/sugarizer-nginx.conf" # /etc/nginx/conf.d + when: sugarizer_enabled | bool + +- name: Disable http://box/sugarizer via NGINX, by removing {{ nginx_conf_dir }}/sugarizer-nginx.conf + file: + path: "{{ nginx_conf_dir }}/sugarizer-nginx.conf" # /etc/nginx/conf.d + state: absent + when: not sugarizer_enabled + +- name: Restart 'nginx' systemd service + systemd: + name: nginx + state: restarted From ed67f64486de5af142ab6c14815e1d3dedb7a72b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:08:18 -0500 Subject: [PATCH 19/45] Update install.yml --- roles/sugarizer/tasks/install.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index 4bce51ced..d4a2e382d 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -1,3 +1,5 @@ +0. INSTALL / ASSERT PREREQS + - name: MONGODB - run the 'mongodb' role include_role: name: mongodb @@ -223,6 +225,9 @@ # # Use this instead, if tabs are truly nec: # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" + +6. RECORD THAT SUGARIZER INSTALL IS COMPLETE + - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From 30567f5f5026c832c6af714d198b4955214104b8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:16:03 -0500 Subject: [PATCH 20/45] Update sugarizer/tasks/main.yml --- roles/sugarizer/tasks/main.yml | 79 +++++++++++++++++++++++++++++++--- 1 file changed, 73 insertions(+), 6 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 8eb963551..dd52a33bc 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -1,7 +1,74 @@ -- name: Install 'sugarizer' if sugarizer_install and not Debian 10+ - include_tasks: install.yml - when: not sugarizer_installed is defined and sugarizer_install and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9)) +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 -- name: Enable 'sugarizer' if sugarizer_enabled - include_tasks: enable.yml - when: (sugarizer_install or sugarizer_installed is defined) and not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9)) +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "sugarizer_install is sameas true" (boolean not string etc) + assert: + that: sugarizer_install is sameas true + fail_msg: "PLEASE SET 'sugarizer_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "sugarizer_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: sugarizer_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'sugarizer_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: EXIT SUGARIZER PLAYBOOK, IF DEBIAN 10+ (where MongoDB doesn't exist) + meta: end_play + when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) + + +- name: Install Sugarizer if 'sugarizer_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml + include_tasks: install.yml + when: sugarizer_installed is undefined + + +# Auto-starts mongodb via the requires= line in unit file +- name: Enable & Restart 'sugarizer' systemd service, if sugarizer_enabled + systemd: + name: sugarizer + daemon_reload: yes # in case mongodb.service changed, etc + enabled: yes + state: restarted + when: sugarizer_enabled | bool + +# Stops sugarizer but not mongodb +- name: Disable & Stop 'sugarizer' systemd service, if not sugarizer_enabled + systemd: + name: sugarizer + enabled: no + state: stopped + when: not sugarizer_enabled + +# Stops mongodb (in the past this would've been called via meta/main.yml) +- name: Run mongodb/tasks/enable.yml to stop MongoDB, if not sugarizer_enabled + include_tasks: roles/mongodb/tasks/enable.yml + when: not sugarizer_enabled + +- name: Enable/Disable/Restart Apache if primary + include_tasks: apache.yml + when: not nginx_enabled + +- name: Enable/Disable/Restart NGINX if primary + include_tasks: nginx.yml + when: nginx_enabled | bool + + +- name: Add 'sugarizer' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" + section: sugarizer + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: Sugarizer + - option: description + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' + - option: sugarizer_enabled + value: "{{ sugarizer_enabled }}" From 5718a26e6813a84ef1d587acb9a438a49c6aff76 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:17:49 -0500 Subject: [PATCH 21/45] Delete sugarizer/tasks/enable.yml --- roles/sugarizer/tasks/enable.yml | 72 -------------------------------- 1 file changed, 72 deletions(-) delete mode 100644 roles/sugarizer/tasks/enable.yml diff --git a/roles/sugarizer/tasks/enable.yml b/roles/sugarizer/tasks/enable.yml deleted file mode 100644 index 5e9667bd9..000000000 --- a/roles/sugarizer/tasks/enable.yml +++ /dev/null @@ -1,72 +0,0 @@ -# auto starts mongodb via the requires= line in unit file -- name: Enable & Restart 'sugarizer' systemd service - systemd: - name: sugarizer - daemon_reload: yes # in case mongodb.service changed, etc - enabled: yes - state: restarted - when: sugarizer_enabled | bool - -# stops sugarizer but not mongodb -- name: Disable & Stop 'sugarizer' systemd service - systemd: - name: sugarizer - enabled: no - state: stopped - when: not sugarizer_enabled - -# stops mongodb would of been called via meta/main.yml prior -- name: Run mongodb/tasks/enable.yml to stop MongoDB, if not sugarizer_enabled - include_tasks: roles/mongodb/tasks/enable.yml - when: not sugarizer_enabled - -# Apache - -- name: Enable http://box/sugarizer & http://box/sugar via Apache - command: a2ensite sugarizer.conf - when: apache_install and sugarizer_enabled - -- name: Disable http://box/sugarizer & http://box/sugar via Apache - command: a2dissite sugarizer.conf - when: apache_install and not sugarizer_enabled - -- name: Restart Apache systemd service ({{ apache_service }}) - systemd: - name: "{{ apache_service }}" - state: restarted - when: apache_enabled | bool - -# NGINX - -- name: Enable http://box/sugarizer via NGINX, by installing {{ nginx_conf_dir }}/sugarizer-nginx.conf from template - template: - src: sugarizer-nginx.conf - dest: "{{ nginx_conf_dir }}/sugarizer-nginx.conf" - when: nginx_install and sugarizer_enabled - -- name: Disable http://box/sugarizer via NGINX, by removing {{ nginx_conf_dir }}/sugarizer-nginx.conf - file: - path: "{{ nginx_conf_dir }}/sugarizer-nginx.conf" - state: absent - when: nginx_install and not sugarizer_enabled - -- name: Restart 'nginx' systemd service - systemd: - name: nginx - state: restarted - when: nginx_enabled | bool - - -- name: Add 'sugarizer' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: sugarizer - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: Sugarizer - - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - - option: sugarizer_enabled - value: "{{ sugarizer_enabled }}" From 5059119d2e9e6b4c126c78c8aeb3b3aac23f7b77 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:21:15 -0500 Subject: [PATCH 22/45] Update sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index d4a2e382d..d71ef7313 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -226,7 +226,7 @@ # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -6. RECORD THAT SUGARIZER INSTALL IS COMPLETE +6. RECORD THAT SUGARIZER IS INSTALLED - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: From a0fb424d0f9ed1dd0ba70924a2fb433ae0884f8b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:23:00 -0500 Subject: [PATCH 23/45] Update mongodb/tasks/install.yml --- roles/mongodb/tasks/install.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 06ebf6eb6..04c94a3d7 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -101,7 +101,7 @@ when: is_rpi | bool -# 2. CONFIGURE FOR IIAB +# 2. CONFIGURE MongoDB FOR IIAB - name: 'Create 3 dirs for MongoDB: /var/lib/mongodb, /var/log/mongodb, {{ mongodb_db_path }}' file: @@ -127,6 +127,9 @@ - { src: 'mongodb.service.j2', dest: '/etc/systemd/system/mongodb.service', mode: '0644' } - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' } + +3. RECORD THAT MongoDB IS INSTALLED + - name: "Add 'mongodb_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From a999e2f0d03f14e32396e59dd0c0287c1f3548b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:24:34 -0500 Subject: [PATCH 24/45] Update sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index d71ef7313..38bb16e2e 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -226,7 +226,7 @@ # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -6. RECORD THAT SUGARIZER IS INSTALLED +6. RECORD THAT Sugarizer IS INSTALLED - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: From 693e28a70e52a9571a276d20aec12eaf4942d540 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:29:28 -0500 Subject: [PATCH 25/45] Update sugarizer/tasks/main.yml --- roles/sugarizer/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index dd52a33bc..456bf988e 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -61,7 +61,7 @@ - name: Add 'sugarizer' variable values to {{ iiab_ini_file }} ini_file: - path: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini section: sugarizer option: "{{ item.option }}" value: "{{ item.value | string }}" From 0b2f639a0344de66e8fe63db43f98d89bf55acc4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:47:34 -0500 Subject: [PATCH 26/45] Update nextcloud/tasks/main.yml --- roles/nextcloud/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index abe6e4131..89bf6fd85 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -40,7 +40,7 @@ - name: Add 'nextcloud' variable values to {{ iiab_ini_file }} ini_file: - path: "{{ iiab_ini_file }}" + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini section: Nextcloud option: "{{ item.option }}" value: "{{ item.value | string }}" From 18b4a28407866d08e4f31e8cccdbf91fc69faffe Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:48:23 -0500 Subject: [PATCH 27/45] Update gitea/tasks/enable.yml --- roles/gitea/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/gitea/tasks/enable.yml b/roles/gitea/tasks/enable.yml index 925f5c041..c72f5f065 100644 --- a/roles/gitea/tasks/enable.yml +++ b/roles/gitea/tasks/enable.yml @@ -58,7 +58,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: gitea + value: Gitea - option: description value: '"Gitea is like GitHub for more offline communities: Git with a cup of tea"' - option: gitea_run_directory From d30e0f610bbc65e408792569fc03d1db98820da4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:49:29 -0500 Subject: [PATCH 28/45] Update mediawiki/tasks/enable.yml --- roles/mediawiki/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mediawiki/tasks/enable.yml b/roles/mediawiki/tasks/enable.yml index d086b7193..df0ed43cd 100644 --- a/roles/mediawiki/tasks/enable.yml +++ b/roles/mediawiki/tasks/enable.yml @@ -43,7 +43,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: mediawiki + value: MediaWiki - option: description value: '"MediaWiki is a blog and web site management application, from the people who create Wikipedia."' - option: mediawiki_src From 4fd8f5dc5bba53cd544b6ca68d2b08a7d6ac655c Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:50:10 -0500 Subject: [PATCH 29/45] Update transmission/tasks/main.yml --- roles/transmission/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 7c7d3c292..3a7646f83 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml @@ -69,7 +69,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: transmission + value: Transmission - option: description value: '"Transmission is a set of lightweight BitTorrent clients (in GUI, CLI and daemon form)."' - option: transmission_install From ead685692d1c290d23d8acce722697ffa7f1624b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:51:03 -0500 Subject: [PATCH 30/45] Update calibre-web/tasks/enable.yml --- roles/calibre-web/tasks/enable.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 6e36672b2..9f0295dde 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -64,7 +64,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: calibre-web + value: Calibre-Web - option: description value: '"Calibre-Web is a web app providing a clean interface for browsing, reading and downloading e-books."' - option: calibreweb_url1 From c89b5e0742b1e9cc77b58ac86902aeefe117234b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 10:52:30 -0500 Subject: [PATCH 31/45] Delete mongodb/tasks/enable.yml --- roles/mongodb/tasks/enable.yml | 38 ---------------------------------- 1 file changed, 38 deletions(-) delete mode 100644 roles/mongodb/tasks/enable.yml diff --git a/roles/mongodb/tasks/enable.yml b/roles/mongodb/tasks/enable.yml deleted file mode 100644 index b615034e1..000000000 --- a/roles/mongodb/tasks/enable.yml +++ /dev/null @@ -1,38 +0,0 @@ -# 3. ENABLE/DISABLE - -# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False -# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own - -- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?) - systemd: - name: mongodb - daemon_reload: yes - enabled: yes - state: restarted - when: mongodb_enabled | bool - -- name: Disable 'mongodb' service, if not mongodb_enabled - systemd: - name: mongodb - daemon_reload: yes - enabled: no - state: stopped - when: not mongodb_enabled - - -# 4. DOCUMENT IN /etc/iiab/iiab.ini - -- name: Add 'mongodb' variable values to {{ iiab_ini_file }} - ini_file: - path: "{{ iiab_ini_file }}" - section: mongodb - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: name - value: MongoDB - - option: description - value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."' - - option: enabled - value: "{{ mongodb_enabled }}" - From d4f347b85d85f6032c8c6100afa3f529ee743597 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:02:12 -0500 Subject: [PATCH 32/45] Update mongodb/tasks/main.yml --- roles/mongodb/tasks/main.yml | 59 +++++++++++++++++++++++++++++++++--- 1 file changed, 55 insertions(+), 4 deletions(-) diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 61a2aa429..5263fa695 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -1,11 +1,62 @@ +# "How do i fail a task in Ansible if the variable contains a boolean value? +# I want to perform input validation for Ansible playbooks" +# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499 + +# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need +# to re-check whether vars are defined here. As Ansible vars cannot be unset: +# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible + +- name: Assert that "mongodb_install is sameas true" (boolean not string etc) + assert: + that: mongodb_install is sameas true + fail_msg: "PLEASE SET 'mongodb_install: True' e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: Assert that "mongodb_enabled | type_debug == 'bool'" (boolean not string etc) + assert: + that: mongodb_enabled | type_debug == 'bool' + fail_msg: "PLEASE GIVE VARIABLE 'mongodb_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" + quiet: yes + +- name: EXIT MONGODB PLAYBOOK, IF DEBIAN 10+ (where MongoDB doesn't exist) + meta: end_play + when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) + + # 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False # works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own - name: Install 'mongodb' if not Debian 10+ include_tasks: install.yml - when: not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9)) and not mongodb_installed is defined + when: mongodb_installed is undefined -- name: Enable 'mongodb' if not Debian 10+ - include_tasks: enable.yml - when: not ((is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9)) or mongodb_installed is defined +- name: Enable & Restart 'mongodb' systemd service if mongodb_enabled, incl daemon-reload (in case mongodb.service changed?) + systemd: + name: mongodb + daemon_reload: yes + enabled: yes + state: restarted + when: mongodb_enabled | bool + +- name: Disable 'mongodb' service, if not mongodb_enabled + systemd: + name: mongodb + enabled: no + state: stopped + when: not mongodb_enabled + + +- name: Add 'mongodb' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini + section: mongodb + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: MongoDB + - option: description + value: '"MongoDB is an open-source document database that provides high performance, high availability, and automatic scaling."' + - option: enabled + value: "{{ mongodb_enabled }}" From 48b0b262854dcc3c612dce228427c6ea73bb008e Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:41:56 -0500 Subject: [PATCH 33/45] Update sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 41 +++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index 38bb16e2e..fc7825b68 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -1,17 +1,44 @@ -0. INSTALL / ASSERT PREREQS +0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB -- name: MONGODB - run the 'mongodb' role - include_role: - name: mongodb +- set_fact: + nodejs_install: True + nodejs_enabled: True - name: NODEJS - run the 'nodejs' role include_role: name: nodejs -- name: FAIL (STOP INSTALLING) IF nodejs_version is not set to 12.x +- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined fail: - msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version is set to {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml and possibly also /etc/iiab/local_vars.yml" - when: sugarizer_install and (nodejs_version != "12.x") + msg: "Sugarizer install cannot proceed, as Node.js failed to install." + when: nodejs_installed is undefined + +- name: FAIL (STOP THE INSTALL) IF nodejs_version != "12.x" + fail: + msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" + when: nodejs_version != "12.x" + +- set_fact: + mongodb_install: True + mongodb_enabled: True + +- name: MONGODB - run the 'mongodb' role + include_role: + name: mongodb + +# 2020-01-29: FOR NOW LET'S TRY A VERY SOFT (BEST EFFORT) PREREQ, AS Sugarizer +# TRADITIONALLY CAN WORK (?) EVEN WITHOUT MongoDB. IF LATER WE INSTEAD WANT TO +# ENFORCE MongoDB...AS A MEDIUM-STRENGTH PREREQ...OR AS A HARD (STRICT) PREREQ +# ...THEN UNCOMMENT EITHER BELOW: +# +#- name: EXIT SUGARIZER PLAYBOOK (BUT CONTINUE INSTALLING IIAB) IF mongodb_installed is undefined +# meta: end_play +# when: mongodb_installed is undefined +# +#- name: FAIL (STOP THE INSTALL) IF mongodb_installed is undefined +# fail: +# msg: "Sugarizer install cannot proceed, as MongoDB failed to install." +# when: mongodb_installed is undefined # 1. DOWNLOAD+LINK /opt/iiab/sugarizer From 91698ac126dd9bbf8c9b939935b64c3111b67878 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:42:18 -0500 Subject: [PATCH 34/45] Update sugarizer/tasks/main.yml --- roles/sugarizer/tasks/main.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index 456bf988e..ef5b79c5b 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -18,10 +18,6 @@ fail_msg: "PLEASE GIVE VARIABLE 'sugarizer_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml" quiet: yes -- name: EXIT SUGARIZER PLAYBOOK, IF DEBIAN 10+ (where MongoDB doesn't exist) - meta: end_play - when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) - - name: Install Sugarizer if 'sugarizer_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml From 33f41bd92c03464ce2d69ec324dffc05a65dd2c9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:43:59 -0500 Subject: [PATCH 35/45] Update mongodb/tasks/install.yml --- roles/mongodb/tasks/install.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 04c94a3d7..f169f81b6 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -130,6 +130,9 @@ 3. RECORD THAT MongoDB IS INSTALLED +- set_fact: + mongodb_installed: True + - name: "Add 'mongodb_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From 268caead67dd7cb95f498a25242c7e92cbe742b2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:46:03 -0500 Subject: [PATCH 36/45] Update nodejs/tasks/main.yml --- roles/nodejs/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index 6419032b4..b5eb22882 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml @@ -150,6 +150,12 @@ # thankfully; currently both offer Node.js 10.15.2 + +3. RECORD THAT Node.js IS INSTALLED + +- set_fact: + nodejs_installed: True + - name: "Add 'nodejs_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From 31add1b8c135c60305a66062b37c2dbe893812c5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:50:12 -0500 Subject: [PATCH 37/45] Update postgresql/tasks/main.yml --- roles/postgresql/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index a995b7ada..2e34a3ee1 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -85,6 +85,11 @@ state: stopped enabled: no +# RECORD PostgreSQL AS INSTALLED + +- set_fact: + postgresql_installed: True + - name: "Add 'postgresql_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From 185efb36da2b6e660c82fe11030c71d3a2879eab Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:51:44 -0500 Subject: [PATCH 38/45] Update nodejs/tasks/main.yml --- roles/nodejs/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index b5eb22882..476f12e35 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml @@ -151,7 +151,7 @@ -3. RECORD THAT Node.js IS INSTALLED +3. RECORD Node.js AS INSTALLED - set_fact: nodejs_installed: True From 1c31cb76342c3b8cb6011643bafce39f07416e85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:52:42 -0500 Subject: [PATCH 39/45] Update mongodb/tasks/install.yml --- roles/mongodb/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index f169f81b6..9586da539 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -128,7 +128,7 @@ - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' } -3. RECORD THAT MongoDB IS INSTALLED +3. RECORD MongoDB AS INSTALLED - set_fact: mongodb_installed: True From a63347e68236bbf2d11ac24197ea5a0d77bfe8dc Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:53:51 -0500 Subject: [PATCH 40/45] Update sugarizer/tasks/install.yml --- roles/sugarizer/tasks/install.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index fc7825b68..ef80cc884 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -253,7 +253,10 @@ # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -6. RECORD THAT Sugarizer IS INSTALLED +6. RECORD Sugarizer AS INSTALLED + +- set_fact: + sugarizer_installed: True - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" lineinfile: From a6112381a3e22d4ede826a2c621cdbbca813fa9f Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2020 11:55:58 -0500 Subject: [PATCH 41/45] Update roles/mysql/tasks/main.yml --- roles/mysql/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 706b1a4c3..9f8d484b5 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -114,6 +114,11 @@ # line: "TimeoutStartSec=180" when: mariadb_unit_file.stat.exists +# RECORD MySQL AS INSTALLED + +- set_fact: + mysql_installed: True + - name: "Add 'mysql_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml From 814efd5a02e464b85db00e99933fac562325a427 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 30 Jan 2020 04:00:00 -0500 Subject: [PATCH 42/45] Mostly var cleanup across ~80 files --- .../activity-server/tasks/main.yml | 2 +- .../dokuwiki/tasks/install.yml | 4 +- .../moodle-1.9/moodle/tasks/main.yml | 4 +- roles/0-DEPRECATED-ROLES/osm/tasks/main.yml | 10 +- .../owncloud/tasks/owncloud_enabled.yml | 2 +- .../pathagar/tasks/main.yml | 4 +- .../rachel/tasks/rachel_enabled.yml | 2 +- .../schooltool/tasks/main.yml | 2 +- roles/4-server-options/tasks/main.yml | 4 +- roles/awstats/tasks/install.yml | 11 +- roles/azuracast/tasks/install.yml | 7 ++ roles/bluetooth/tasks/install.yml | 7 ++ roles/calibre-web/tasks/enable.yml | 8 +- roles/calibre-web/tasks/install.yml | 23 ++-- roles/calibre/tasks/install.yml | 14 ++- roles/captiveportal/tasks/install.yml | 7 ++ roles/captiveportal/tasks/main.yml | 2 +- roles/cups/tasks/main.yml | 49 +++++--- roles/elgg/tasks/install.yml | 19 ++- roles/gitea/tasks/install.yml | 24 ++-- roles/homepage/tasks/main.yml | 8 +- roles/httpd/tasks/enable.yml | 14 +-- roles/httpd/tasks/install.yml | 7 ++ roles/internetarchive/tasks/enable.yml | 2 +- roles/internetarchive/tasks/install.yml | 36 ++++-- roles/kalite/tasks/install.yml | 13 +-- roles/kalite/tasks/setup.yml | 11 +- roles/kiwix/tasks/install.yml | 12 +- roles/kolibri/tasks/install.yml | 7 ++ roles/lokole/tasks/install.yml | 11 +- roles/mediawiki/tasks/install.yml | 11 +- roles/minetest/tasks/provision.yml | 15 ++- roles/mongodb/tasks/install.yml | 5 +- roles/mongodb/tasks/main.yml | 5 +- roles/monit/tasks/install.yml | 7 ++ roles/moodle/tasks/install.yml | 11 +- roles/mosquitto/tasks/install.yml | 7 ++ roles/munin/tasks/install.yml | 9 +- roles/munin/tasks/main.yml | 2 +- roles/mysql/tasks/main.yml | 8 +- roles/network/tasks/named.yml | 4 +- roles/nextcloud/tasks/install.yml | 8 +- roles/nextcloud/tasks/main.yml | 16 ++- roles/nextcloud/tasks/nginx.yml | 4 +- roles/nginx/tasks/install.yml | 7 ++ roles/nodejs/tasks/main.yml | 5 +- roles/nodered/tasks/install.yml | 11 +- roles/openvpn/tasks/main.yml | 11 +- roles/osm-vector-maps/tasks/install.yml | 6 + roles/osm-vector-maps/tasks/main.yml | 2 +- roles/pbx/tasks/main.yml | 13 +++ roles/phpmyadmin/tasks/main.yml | 36 +++--- roles/postgresql/tasks/main.yml | 6 +- roles/samba/tasks/main.yml | 26 +++-- roles/sshd/tasks/main.yml | 40 ++++--- roles/sugarizer/tasks/install.yml | 27 ++++- roles/sugarizer/tasks/main.yml | 2 +- roles/transmission/tasks/main.yml | 11 +- roles/{usb-lib => usb_lib}/README.rst | 0 roles/{usb-lib => usb_lib}/defaults/main.yml | 0 roles/usb_lib/tasks/main.yml | 109 ++++++++++++++++++ .../main.yml => usb_lib/tasks/main.yml~} | 102 ++++++++-------- .../templates/content_dir.conf | 0 .../templates/iiab-usb_lib-show-all-off} | 0 .../templates/iiab-usb_lib-show-all-on} | 0 .../templates/mount.d/70-usb-library | 0 .../templates/umount.d/70-usb-library | 0 .../templates/usbmount.rules.j2 | 0 .../templates/usbmount@.service.j2 | 0 roles/vnstat/tasks/main.yml | 9 +- roles/wordpress/tasks/install.yml | 11 +- roles/wordpress/tasks/main.yml | 4 +- roles/yarn/tasks/main.yml | 19 ++- tests/test.yml | 2 +- vars/centos-7.yml | 3 +- vars/debian-10.yml | 3 +- vars/debian-8.yml | 3 +- vars/debian-9.yml | 3 +- vars/fedora-18.yml | 3 +- vars/fedora-22.yml | 3 +- vars/raspbian-10.yml | 3 +- vars/raspbian-8.yml | 3 +- vars/raspbian-9.yml | 3 +- vars/ubuntu-16.yml | 3 +- vars/ubuntu-17.yml | 3 +- vars/ubuntu-18.yml | 3 +- vars/ubuntu-19.yml | 3 +- vars/ubuntu-20.yml | 3 +- 88 files changed, 679 insertions(+), 260 deletions(-) rename roles/{usb-lib => usb_lib}/README.rst (100%) rename roles/{usb-lib => usb_lib}/defaults/main.yml (100%) create mode 100644 roles/usb_lib/tasks/main.yml rename roles/{usb-lib/tasks/main.yml => usb_lib/tasks/main.yml~} (59%) rename roles/{usb-lib => usb_lib}/templates/content_dir.conf (100%) rename roles/{usb-lib/templates/iiab-usb-lib-show-all-off => usb_lib/templates/iiab-usb_lib-show-all-off} (100%) rename roles/{usb-lib/templates/iiab-usb-lib-show-all-on => usb_lib/templates/iiab-usb_lib-show-all-on} (100%) rename roles/{usb-lib => usb_lib}/templates/mount.d/70-usb-library (100%) rename roles/{usb-lib => usb_lib}/templates/umount.d/70-usb-library (100%) rename roles/{usb-lib => usb_lib}/templates/usbmount.rules.j2 (100%) rename roles/{usb-lib => usb_lib}/templates/usbmount@.service.j2 (100%) diff --git a/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml b/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml index 6ba6e798a..61d4b6baa 100644 --- a/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/activity-server/tasks/main.yml @@ -72,7 +72,7 @@ - name: Copy xs-activity-server config file template: src=xs-activity-server.conf - dest=/etc/{{ apache_config_dir }} + dest=/etc/{{ apache_conf_dir }} owner=root group=root mode=0644 diff --git a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml index 22ef5318b..a640a4deb 100644 --- a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml +++ b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/install.yml @@ -29,10 +29,10 @@ state: link force: yes -- name: Install /etc/{{ apache_config_dir }}/dokuwiki.conf from template, for DokuWiki's http://box{{ dokuwiki_url }} +- name: Install /etc/{{ apache_conf_dir }}/dokuwiki.conf from template, for DokuWiki's http://box{{ dokuwiki_url }} template: src: dokuwiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/dokuwiki.conf" + dest: "/etc/{{ apache_conf_dir }}/dokuwiki.conf" # - name: Symlink /etc/apache2/sites-enabled/dokuwiki.conf to /etc/apache2/sites-available/dokuwiki.conf if dokuwiki_enabled (debuntu) # file: diff --git a/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml b/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml index f975c665f..3755bb5a6 100644 --- a/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/moodle-1.9/moodle/tasks/main.yml @@ -9,7 +9,7 @@ - download - name: Remove stock moodle conf - file: path='/etc/{{ apache_config_dir }}/moodle.conf' + file: path='/etc/{{ apache_conf_dir }}/moodle.conf' state=absent - name: Configure moodle @@ -21,7 +21,7 @@ mode={{ item.mode }} with_items: - src: '020-iiab-moodle.conf.j2' - dest: '/etc/{{ apache_config_dir }}/020-iiab-moodle.conf' + dest: '/etc/{{ apache_conf_dir }}/020-iiab-moodle.conf' mode: '0655' - src: 'moodle-xs.service.j2' dest: '/etc/systemd/system/moodle-xs.service' diff --git a/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml b/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml index 389da679b..20a38fac5 100644 --- a/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/osm/tasks/main.yml @@ -102,10 +102,10 @@ line: "path_to_virtualenv = '/usr/local/osm'" state: present -- name: Install /etc/{{ apache_config_dir }}/osm.conf from template +- name: Install /etc/{{ apache_conf_dir }}/osm.conf from template template: src: osm.conf.j2 - dest: "/etc/{{ apache_config_dir }}/osm.conf" + dest: "/etc/{{ apache_conf_dir }}/osm.conf" owner: root group: root mode: 0644 @@ -114,7 +114,7 @@ - name: Create softlink osm.conf from sites-enabled to sites-available (debuntu) file: - src: "/etc/{{ apache_config_dir }}/osm.conf" + src: "/etc/{{ apache_conf_dir }}/osm.conf" path: /etc/apache2/sites-enabled/osm.conf state: link when: osm_enabled and is_debuntu @@ -125,9 +125,9 @@ state: absent when: not osm_enabled and is_debuntu -- name: Remove /{{ apache_config_dir }}/osm.conf (redhat) +- name: Remove /{{ apache_conf_dir }}/osm.conf (redhat) file: - path: "/{{ apache_config_dir }}/osm.conf" + path: "/{{ apache_conf_dir }}/osm.conf" state: absent when: not osm_enabled and is_redhat diff --git a/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml b/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml index b7a47c05a..5f4d1569c 100644 --- a/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml +++ b/roles/0-DEPRECATED-ROLES/owncloud/tasks/owncloud_enabled.yml @@ -7,7 +7,7 @@ - name: Enable owncloud by copying template to httpd config template: src=owncloud.conf.j2 - dest=/etc/{{ apache_config_dir }}/owncloud.conf + dest=/etc/{{ apache_conf_dir }}/owncloud.conf owner=root group=root mode=0644 diff --git a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml index 2744f8f7a..bd845ecc0 100644 --- a/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/pathagar/tasks/main.yml @@ -179,11 +179,11 @@ # group: root # mode: '0644' -- name: Install /etc/{{ apache_config_dir }}/pathagar.conf from template +- name: Install /etc/{{ apache_conf_dir }}/pathagar.conf from template template: src: pathagar.conf backup: yes - dest: "/etc/{{ apache_config_dir }}/pathagar.conf" + dest: "/etc/{{ apache_conf_dir }}/pathagar.conf" mode: 0644 - name: Enable Pathagar via Apache (debuntu) diff --git a/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml b/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml index 518cfc927..3d5b82731 100644 --- a/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml +++ b/roles/0-DEPRECATED-ROLES/rachel/tasks/rachel_enabled.yml @@ -1,6 +1,6 @@ - name: Copy RACHEL httpd conf file template: src=rachel.conf.j2 - dest=/etc/{{ apache_config_dir }}/rachel.conf + dest=/etc/{{ apache_conf_dir }}/rachel.conf - name: enable Rachel file: path=/etc/apache2/sites-enabled/rachel.conf diff --git a/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml b/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml index 2f41eefda..dad203f29 100644 --- a/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/schooltool/tasks/main.yml @@ -18,7 +18,7 @@ - dest: '/etc/systemd/system/schooltool.service' src: 'schooltool.service' mode: '0644' - - dest: '/etc/{{ apache_config_dir }}/schooltool.conf' + - dest: '/etc/{{ apache_conf_dir }}/schooltool.conf' src: 'schooltool.conf' mode: '0644' diff --git a/roles/4-server-options/tasks/main.yml b/roles/4-server-options/tasks/main.yml index 6c2c2abd2..e0eb29a66 100644 --- a/roles/4-server-options/tasks/main.yml +++ b/roles/4-server-options/tasks/main.yml @@ -22,9 +22,9 @@ name: bluetooth when: is_rpi and bluetooth_install # or bluetooth_installed is defined -- name: USB-LIB +- name: USB_LIB include_role: - name: usb-lib + name: usb_lib when: usb_lib_install | bool # This is in Stage 4-SERVER-OPTIONS (rather than 3-BASE-SERVER) because var diff --git a/roles/awstats/tasks/install.yml b/roles/awstats/tasks/install.yml index e2958907d..5656be24d 100644 --- a/roles/awstats/tasks/install.yml +++ b/roles/awstats/tasks/install.yml @@ -30,10 +30,10 @@ - "{{ apache_log_dir }}" - /usr/lib/cgi-bin/awstats # create backward compatible path for awstats -- name: Install /etc/{{ apache_config_dir }}/awstats.conf from template +- name: Install /etc/{{ apache_conf_dir }}/awstats.conf from template template: src: apache-awstats.conf - dest: "/etc/{{ apache_config_dir }}/awstats.conf" + dest: "/etc/{{ apache_conf_dir }}/awstats.conf" - name: Install /etc/logrotate.d/apache2 from template, to ensure logrotate doesn't make logs unreadable template: @@ -76,6 +76,13 @@ shell: /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -config=schoolserver -update # when: awstats_enabled | bool + +# RECORD AWStats AS INSTALLED + +- name: "Set 'awstats_installed: True'" + set_fact: + awstats_installed: True + - name: "Add 'awstats_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/azuracast/tasks/install.yml b/roles/azuracast/tasks/install.yml index 6cc0ed331..e927173cf 100644 --- a/roles/azuracast/tasks/install.yml +++ b/roles/azuracast/tasks/install.yml @@ -64,6 +64,13 @@ args: chdir: "{{ azuracast_host_dir }}" + +# RECORD AzuraCast AS INSTALLED + +- name: "Set 'azuracast_installed: True'" + set_fact: + azuracast_installed: True + - name: "Add 'azuracast_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/bluetooth/tasks/install.yml b/roles/bluetooth/tasks/install.yml index 30aca6282..5872ec99b 100644 --- a/roles/bluetooth/tasks/install.yml +++ b/roles/bluetooth/tasks/install.yml @@ -55,6 +55,13 @@ regexp: '^#DiscoverableTimeout' line: 'DiscoverableTimeout = 0' + +# RECORD Bluetooth AS INSTALLED + +- name: "Set 'bluetooth_installed: True'" + set_fact: + bluetooth_installed: True + - name: "Add 'bluetooth_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/calibre-web/tasks/enable.yml b/roles/calibre-web/tasks/enable.yml index 9f0295dde..07812fc59 100644 --- a/roles/calibre-web/tasks/enable.yml +++ b/roles/calibre-web/tasks/enable.yml @@ -35,17 +35,17 @@ # NGINX -# TO DO: restore http://box/libros & http://box/livres, along English (http://box/books) +# TO DO: restore http://box/libros & http://box/livres, alongside English (#2195) -- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_conf_dir }}/calibre-web-nginx.conf from template +- name: Enable http://box{{ calibreweb_url1 }} via NGINX, by installing {{ nginx_conf_dir }}/calibre-web-nginx.conf from template # http://box/books template: src: calibre-web-nginx.conf.j2 - dest: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" + dest: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" # /etc/nginx/conf.d when: nginx_install and calibreweb_enabled - name: Disable http://box{{ calibreweb_url1 }} via NGINX, by removing {{ nginx_conf_dir }}/calibre-web-nginx.conf file: - path: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" + path: "{{ nginx_conf_dir }}/calibre-web-nginx.conf" # /etc/nginx/conf.d state: absent when: nginx_install and not calibreweb_enabled diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index a71fe04c0..a6002e5c8 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -1,7 +1,6 @@ -- name: Install ImageMagick (debuntu) +- name: Install ImageMagick package (debuntu) package: - name: - - imagemagick + name: imagemagick state: present when: is_debuntu | bool @@ -14,12 +13,12 @@ state: present when: is_debuntu | bool -- name: Create 3 Calibre-Web folders to store data and configuration files +- name: "Create 3 Calibre-Web folders to store data and configuration files: {{ calibreweb_home }}, {{ calibreweb_venv_path }}, {{ calibreweb_config }}" file: path: "{{ item }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0755 + mode: '0755' state: directory with_items: - "{{ calibreweb_home }}" @@ -67,10 +66,11 @@ dest: "{{ item.dest }}" owner: root group: root - mode: 0644 + mode: '0644' with_items: - { src: 'calibre-web.service.j2', dest: '/etc/systemd/system/calibre-web.service' } - { src: 'calibre-web.conf.j2', dest: '/etc/apache2/sites-available/calibre-web.conf' } + when: apache_install | bool - name: Does /library/calibre-web/metadata.db exist? stat: @@ -83,7 +83,7 @@ dest: "{{ calibreweb_home }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0644 + mode: '0644' backup: yes with_items: - roles/calibre-web/files/metadata.db @@ -97,11 +97,18 @@ dest: "{{ calibreweb_config }}" owner: "{{ calibreweb_user }}" group: "{{ apache_user }}" - mode: 0644 + mode: '0644' backup: yes when: not metadatadb.stat.exists #when: calibreweb_provision | bool + +# RECORD Calibre-Web AS INSTALLED + +- name: "Set 'calibreweb_installed: True'" + set_fact: + calibreweb_installed: True + - name: "Add 'calibreweb_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/calibre/tasks/install.yml b/roles/calibre/tasks/install.yml index 93f9df09a..1f2fc58bb 100644 --- a/roles/calibre/tasks/install.yml +++ b/roles/calibre/tasks/install.yml @@ -31,6 +31,9 @@ # - run testing branch for Ubuntu 16.04: scripts/calibre-install-latest.sh # - run unstable branch for Debian etc: scripts/calibre-install-unstable.sh + +# 2. SYSTEMD SERVICES + - name: Create calibre-serve.service and calibre.conf (IF /usr/bin/calibre WAS MISSING) template: src: "{{ item.src }}" @@ -42,7 +45,7 @@ #register: calibre_config with_items: - { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'} - - { src: 'calibre.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} + - { src: 'calibre.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'} when: (not calib_executable.stat.exists) - name: Stop service 'calibre-serve' (/usr/bin/calibre-server by Kovid Goyal) @@ -51,6 +54,7 @@ state: stopped daemon_reload: yes + # 3. CREATE USER DATABASE - name: Create /library/calibre (mandatory since Calibre 3.x) @@ -68,6 +72,7 @@ mode: 0644 when: (not calib_executable.stat.exists) + # 4. CREATE CONTENT DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x) - name: Does /library/calibre/metadata.db exist? @@ -79,6 +84,13 @@ include_tasks: create-db.yml when: not calibre_db.stat.exists + +# 5. RECORD Calibre AS INSTALLED + +- name: "Set 'calibre_installed: True'" + set_fact: + calibre_installed: True + - name: "Add 'calibre_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/captiveportal/tasks/install.yml b/roles/captiveportal/tasks/install.yml index 5d684e198..5ef5406ec 100644 --- a/roles/captiveportal/tasks/install.yml +++ b/roles/captiveportal/tasks/install.yml @@ -52,6 +52,13 @@ args: creates: /etc/nginx/sites-available/capture.conf + +# RECORD Captive Portal AS INSTALLED + +- name: "Set 'captiveportal_installed: True'" + set_fact: + captiveportal_installed: True + - name: "Add 'captiveportal_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index fffd70134..34347948e 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Captive Portal if 'captiveportal_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Captive Portal if 'captiveportal_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: captiveportal_installed is undefined diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index a8ad276ee..d071b22cc 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -1,20 +1,33 @@ -# administer this service by browsing to localhost:631 +# Administer CUPS at http://box:631 +# Above URL does NOT work over OpenVPN (ANYONE KNOW WHY?) + +# TO DO: +# - validate input vars + prereqs +# - move 5 top stanzas into install.yml +# - move 5-7 next stanzas into enable-or-disable.yml + + - name: Install 'cups' package package: name: cups state: present - when: cups_install | bool - #tags: download - name: Install our own /etc/cups/cupsd.conf from template, to permit local LAN admin template: src: cupsd.conf dest: /etc/cups/cupsd.conf -- name: Install /etc/{{ apache_config_dir }}/cups.conf from template +- name: Install /etc/{{ apache_conf_dir }}/cups.conf from template template: src: cups.conf - dest: "/etc/{{ apache_config_dir }}/" + dest: "/etc/{{ apache_conf_dir }}/" + + +# RECORD CUPS AS INSTALLED + +- name: "Set 'cups_installed: True'" + set_fact: + cups_installed: True - name: "Add 'cups_installed: True' to {{ iiab_state_file }}" lineinfile: @@ -22,11 +35,16 @@ regexp: '^cups_installed' line: 'cups_installed: True' + - name: Enable http://box/cups via Apache (MIGHT NOT WORK?) command: a2ensite cups.conf - when: cups_enabled + when: cups_enabled | bool -- name: Enable & Start services 'cups' and 'cups-browsed' (OS's other than Fedora 18) +- name: Disable http://box/cups via Apache + command: a2dissite cups.conf + when: not cups_enabled + +- name: Enable & Start 'cups' and 'cups-browsed' systemd services (OS's other than Fedora 18) service: name: "{{ item }}" state: started @@ -36,34 +54,35 @@ - cups-browsed when: cups_enabled and not is_F18 -- name: Enable & Start service 'cups' (Fedora 18, for XO laptops) +- name: Enable & Start 'cups' systemd service (Fedora 18, for XO laptops) systemd: name: cups state: started enabled: yes when: cups_enabled and is_F18 -- name: Permit headless admin of CUPS -- only works when CUPS daemon is running +- name: Permit headless admin of CUPS -- only works when CUPS daemon is running, if cups_enabled shell: "cupsctl --remote-admin" when: cups_enabled | bool -- name: Disable both CUPS services (OS's other than Fedora 18) +- name: Disable & Stop 'cups' & 'cups-browsed' systemd services (OS's other than Fedora 18) systemd: name: "{{ item }}" - state: stopped enabled: no + state: stopped with_items: - cups - cups-browsed when: not cups_enabled and not is_F18 -- name: Disable services for CUPS (Fedora 18, for XO laptops) +- name: Disable & Stop 'cups' systemd service (Fedora 18, for XO laptops) systemd: name: cups - state: stopped enabled: no + state: stopped when: not cups_enabled and is_F18 + - name: Add 'cups' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" @@ -75,7 +94,7 @@ value: CUPS - option: description value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - - option: installed + - option: install value: "{{ cups_install }}" - - option: cups_enabled + - option: enabled value: "{{ cups_enabled }}" diff --git a/roles/elgg/tasks/install.yml b/roles/elgg/tasks/install.yml index 0ab9a7a04..484c9ab78 100644 --- a/roles/elgg/tasks/install.yml +++ b/roles/elgg/tasks/install.yml @@ -48,9 +48,9 @@ copy: src: "/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" dest: "/opt/{{ elgg_xx }}/.htaccess" - mode: 0644 owner: "{{ apache_user }}" group: "{{ apache_user }}" + mode: '0644' #regexp='^#RewriteBase' - name: Change .htaccess to include RewriteBase for http://box{{ elgg_url }} # http://box/elgg @@ -63,18 +63,18 @@ - name: Set /opt/elgg/engine directory permissions to 0755 so Apache can write there file: + state: directory path: /opt/elgg/engine/ owner: "{{ apache_user }}" - mode: 0755 - state: directory + mode: '0755' - name: Change /opt/elgg-{{ elgg_version }} ownership to {{ apache_user }}:{{ apache_user }} (likely not nec, as unarchive & all do this above) file: + state: directory # Overkill given recurse below? path: "/opt/elgg-{{ elgg_version }}" owner: "{{ apache_user }}" group: "{{ apache_user }}" recurse: yes - state: directory - name: Create upload directory {{ elgg_upload_path }} that Apache (and Elgg) can write to file: @@ -82,10 +82,17 @@ state: directory owner: "{{ apache_user }}" -- name: Install /etc/{{ apache_config_dir }}/elgg.conf from template, for http://box{{ elgg_url }} # http://box/elgg +- name: Install /etc/{{ apache_conf_dir }}/elgg.conf from template, for http://box{{ elgg_url }} # http://box/elgg template: src: elgg.conf - dest: "/etc/{{ apache_config_dir }}/elgg.conf" + dest: "/etc/{{ apache_conf_dir }}/elgg.conf" + + +# RECORD Elgg AS INSTALLED + +- name: "Set 'elgg_installed: True'" + set_fact: + elgg_installed: True - name: "Add 'elgg_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index e06c1c68b..498fa4b9e 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -4,14 +4,12 @@ systemd: name: gitea state: stopped - #tags: pre-install ignore_errors: yes - name: Ensure group gitea exists group: name: gitea state: present - #tags: pre-install - name: Create user gitea user: @@ -19,7 +17,6 @@ comment: Gitea daemon account groups: gitea home: "{{ gitea_home }}" - #tags: pre-install - name: Create Gitea directory structure file: @@ -28,7 +25,6 @@ owner: gitea group: gitea with_items: "{{ gitea_subdirectories }}" - #tags: pre-install - name: Make directories data, indexers, and log writable file: @@ -38,7 +34,6 @@ - data - indexers - log - #tags: pre-install # Download, verify, and link Gitea binary @@ -59,24 +54,21 @@ get_url: url: "{{ gitea_integrity_url }}" dest: "{{ gitea_checksum_path }}" - #tags: never, verify when: internet_available | bool - name: Verify Gitea binary with GPG signature shell: | gpg --keyserver pgp.mit.edu --recv {{ gitea_gpg_key }} gpg --verify {{ gitea_checksum_path }} {{ gitea_install_path }} - #tags: never, verify ignore_errors: yes -- name: Link Gitea +- name: Symlink {{ gitea_link_path }} -> {{ gitea_install_path }} file: src: "{{ gitea_install_path }}" - dest: "{{ gitea_link_path }}" + path: "{{ gitea_link_path }}" owner: gitea group: gitea state: link - #tags: install # Configure Gitea @@ -87,12 +79,11 @@ - name: Create Gitea config directory file: - path: /etc/gitea state: directory + path: /etc/gitea owner: root group: gitea mode: '0770' - #tags: config - name: Create app.ini template: @@ -110,7 +101,14 @@ dest: "{{ item.dest }}" with_items: - { src: 'gitea.service.j2', dest: '/etc/systemd/system/gitea.service' } - - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_config_dir }}/gitea.conf" } + - { src: 'gitea.conf.j2', dest: "/etc/{{ apache_conf_dir }}/gitea.conf" } + + +# RECORD Gitea AS INSTALLED + +- name: "Set 'gitea_installed: True'" + set_fact: + gitea_installed: True - name: "Add 'gitea_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/homepage/tasks/main.yml b/roles/homepage/tasks/main.yml index 71a6fcf2b..d54a806ee 100644 --- a/roles/homepage/tasks/main.yml +++ b/roles/homepage/tasks/main.yml @@ -6,14 +6,14 @@ mode: 0755 state: directory -- name: Install /etc/{{ apache_config_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ +- name: Install /etc/{{ apache_conf_dir }}/iiab-homepage.conf from template, for http://box redirect to http://box/home/ template: src: iiab-homepage.conf - dest: "/etc/{{ apache_config_dir }}/iiab-homepage.conf" + dest: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" -- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_config_dir }}/iiab-homepage.conf (debuntu) +- name: Symlink /etc/apache2/sites-enabled/iiab-homepage.conf to /etc/{{ apache_conf_dir }}/iiab-homepage.conf (debuntu) file: - src: "/etc/{{ apache_config_dir }}/iiab-homepage.conf" + src: "/etc/{{ apache_conf_dir }}/iiab-homepage.conf" path: /etc/apache2/sites-enabled/iiab-homepage.conf state: link when: is_debuntu | bool diff --git a/roles/httpd/tasks/enable.yml b/roles/httpd/tasks/enable.yml index 394629f04..280dfdd02 100644 --- a/roles/httpd/tasks/enable.yml +++ b/roles/httpd/tasks/enable.yml @@ -21,29 +21,29 @@ # group: root # mode: 0644 with_items: - - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_config_dir }}/010-iiab.conf' } - - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf' } + - { src: 'roles/httpd/templates/010-iiab.conf.j2', dest: '/etc/{{ apache_conf_dir }}/010-iiab.conf' } + - { src: 'roles/httpd/templates/proxy_ajp.conf.j2', dest: '/etc/{{ apache_conf_dir }}/proxy_ajp.conf' } - name: Enable our site, creating 010-iiab.conf symlink from sites-enabled to sites-available (debuntu) file: - src: "/etc/{{ apache_config_dir }}/010-iiab.conf" + src: "/etc/{{ apache_conf_dir }}/010-iiab.conf" path: /etc/apache2/sites-enabled/010-iiab.conf state: link when: is_debuntu | bool # SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways) -- name: Install /etc/{{ apache_config_dir }}/osm.conf for http://box/maps (all OS's) +- name: Install /etc/{{ apache_conf_dir }}/osm.conf for http://box/maps (all OS's) copy: src: roles/httpd/files/osm.conf - dest: "/etc/{{ apache_config_dir }}" + dest: "/etc/{{ apache_conf_dir }}" # owner: root # group: root # mode: 0644 when: osm_vector_maps_install | bool -- name: Symlink /etc/apache2/sites-enabled/osm.conf -> /etc/{{ apache_config_dir }}/osm.conf (debuntu) +- name: Symlink /etc/apache2/sites-enabled/osm.conf -> /etc/{{ apache_conf_dir }}/osm.conf (debuntu) file: - src: "/etc/{{ apache_config_dir }}/osm.conf" + src: "/etc/{{ apache_conf_dir }}/osm.conf" path: /etc/apache2/sites-enabled/osm.conf state: link when: is_debuntu and osm_vector_maps_enabled diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index eed2b7ded..123d8c940 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -143,6 +143,13 @@ mode: '0755' state: directory + +# RECORD Apache AS INSTALLED + +- name: "Set 'apache_installed: True'" + set_fact: + apache_installed: True + - name: "Add 'apache_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/internetarchive/tasks/enable.yml b/roles/internetarchive/tasks/enable.yml index 995d328cb..6a5855c2b 100644 --- a/roles/internetarchive/tasks/enable.yml +++ b/roles/internetarchive/tasks/enable.yml @@ -40,7 +40,7 @@ value: "{{ item.value | string }}" with_items: - option: name - value: Internet Archive Offline + value: Internet Archive - option: description value: '"Dweb-mirror is intended to make the Internet Archive experience and UI available offline."' - option: internetarchive_enabled diff --git a/roles/internetarchive/tasks/install.yml b/roles/internetarchive/tasks/install.yml index 9295c4a86..c7289edd6 100644 --- a/roles/internetarchive/tasks/install.yml +++ b/roles/internetarchive/tasks/install.yml @@ -1,20 +1,33 @@ -- name: Install NodeJS +# INSTALL 3 PREREQS + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: + nodejs_install: True + nodejs_enabled: True + +- name: Install Node.JS include_role: name: nodejs +- name: "Set 'yarn_install: True' and 'yarn_enabled: True'" + set_fact: + yarn_install: True + yarn_enabled: True + - name: Install Yarn include_role: name: yarn -- name: Install packages needed by Internet Archive Offline +- name: Install package 'libsecret-1-dev' package: - name: - - libsecret-1-dev + name: libsecret-1-dev state: present -- name: Create directory {{ internetarchive_dir }} +# CREATE 2 DIRS & RUN YARN + +- name: mkdir {{ internetarchive_dir }} file: - path: "{{ internetarchive_dir }}" + path: "{{ internetarchive_dir }}" # /opt/iiab/internetarchive state: directory owner: "root" @@ -26,7 +39,7 @@ when: internet_available | bool register: internetarchive_installing -- name: Create directory /library/archiveorg +- name: mkdir /library/archiveorg file: path: "/library/archiveorg" state: directory @@ -38,13 +51,20 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0644 + mode: '0644' owner: root group: root with_items: - { src: 'internetarchive.service.j2', dest: '/etc/systemd/system/internetarchive.service' } - { src: 'internetarchive.conf', dest: '/etc/apache2/sites-available/internetarchive.conf' } + +# RECORD Internet Archive AS INSTALLED + +- name: "Set 'internetarchive_installed: True'" + set_fact: + internetarchive_installed: True + - name: "Add 'internetarchive_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index cd2f4849b..322fb90c8 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -80,7 +80,7 @@ with_items: - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'} - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - - { src: 'kalite.conf', dest: '/etc/{{ apache_config_dir }}', mode: '0644'} + - { src: 'kalite.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'} - name: Fix KA Lite bug in regex parsing ifconfig output, for @m-anish's network names that contain dashes replace: @@ -88,9 +88,8 @@ regexp: 'a-zA-Z0-9' replace: 'a-zA-Z0-9\-' -# SHOULD REALLY BE HERE...but for now this runs in kalite/tasks/setup.yml -# - name: "Add 'kalite_installed: True' to {{ iiab_state_file }}" -# lineinfile: -# dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml -# regexp: '^kalite_installed' -# line: 'kalite_installed: True' + +# RECORD KA Lite AS INSTALLED + +# TO DO: move the last 2 stanzas from setup.yml so they live right here, +# as any action named "install.yml" should do exactly what it says (install!) diff --git a/roles/kalite/tasks/setup.yml b/roles/kalite/tasks/setup.yml index 9f52ace5e..495ee6b3c 100644 --- a/roles/kalite/tasks/setup.yml +++ b/roles/kalite/tasks/setup.yml @@ -15,7 +15,16 @@ async: 1800 poll: 10 -# CAN WE MOVE THIS TO THE END OF kalite/tasks/install.yml (HENCE ITS FILENAME!) + +# RECORD KA Lite AS INSTALLED + +# TO DO: move these last 2 stanzas to install.yml, +# as any action named "install.yml" should do exactly what it says (install!) + +- name: "Set 'kalite_installed: True'" + set_fact: + kalite_installed: True + - name: "Add 'kalite_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/kiwix/tasks/install.yml b/roles/kiwix/tasks/install.yml index 4b8d65386..b047f65b1 100644 --- a/roles/kiwix/tasks/install.yml +++ b/roles/kiwix/tasks/install.yml @@ -44,6 +44,7 @@ path: "{{ kiwix_path }}/bin" state: directory + # 2. INSTALL KIWIX-TOOLS EXECUTABLES - name: Unarchive {{ kiwix_src_file }} to /tmp # e.g. kiwix-tools_linux-armhf-0.6.1-1.tar.gz @@ -54,6 +55,7 @@ - name: Move /tmp/{{ kiwix_src_dir }}/* to permanent location /opt/iiab/kiwix/bin (armhf & linux64 & i686) shell: "mv /tmp/{{ kiwix_src_dir }}/* {{ kiwix_path }}/bin/" + # 3. ENABLE MODS FOR APACHE PROXY IF DEBUNTU # 2019-10-07: Moved to roles/httpd/tasks/main.yml @@ -68,6 +70,7 @@ # - rewrite # when: is_debuntu | bool + # 4. INSTALL iiab-make-kiwix-lib*, kiwix-serve.service, kiwix.conf for Apache - name: 'Install from templates: kiwix-serve.service, iiab-make-kiwix-lib, iiab-make-kiwix-lib.py, kiwix.conf' @@ -79,9 +82,14 @@ - { src: 'kiwix-serve.service.j2', dest: '/etc/systemd/system/kiwix-serve.service', mode: '0644' } - { src: 'iiab-make-kiwix-lib', dest: '/usr/bin/iiab-make-kiwix-lib', mode: '0755' } - { src: 'iiab-make-kiwix-lib3.py', dest: '/usr/bin/iiab-make-kiwix-lib.py', mode: '0755' } - - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_config_dir }}/kiwix.conf', mode: '0644' } + - { src: 'kiwix.conf.j2', dest: '/etc/{{ apache_conf_dir }}/kiwix.conf', mode: '0644' } -# 5. RECORD KIWIX AS INSTALLED IN /etc/iiab/iiab_state.yml + +# 5. RECORD Kiwix AS INSTALLED + +- name: "Set 'kiwix_installed: True'" + set_fact: + kiwix_installed: True - name: "Add 'kiwix_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/kolibri/tasks/install.yml b/roles/kolibri/tasks/install.yml index 134945287..ddd2d49c5 100644 --- a/roles/kolibri/tasks/install.yml +++ b/roles/kolibri/tasks/install.yml @@ -113,6 +113,13 @@ # apache2_module: # name: proxy_http + +# RECORD Kolibri AS INSTALLED + +- name: "Set 'kolibri_installed: True'" + set_fact: + kolibri_installed: True + - name: "Add 'kolibri_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/lokole/tasks/install.yml b/roles/lokole/tasks/install.yml index 2b798bd37..ee7baa3c2 100644 --- a/roles/lokole/tasks/install.yml +++ b/roles/lokole/tasks/install.yml @@ -67,10 +67,10 @@ . {{ lokole_run_directory }}/webapp_secrets.sh {{ lokole_venv }}/bin/manage.py createadmin --name='{{ lokole_admin_user }}' --password='{{ lokole_admin_password }}' -- name: Install /etc/{{ apache_config_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache # http://box/lokole +- name: Install /etc/{{ apache_conf_dir }}/lokole.conf from template, for http://box{{ lokole_url }} via Apache # http://box/lokole template: src: lokole.conf.j2 - dest: "/etc/{{ apache_config_dir }}/lokole.conf" + dest: "/etc/{{ apache_conf_dir }}/lokole.conf" when: apache_install | bool - name: Install /etc/systemd/system/lokole.service unit file from template @@ -86,6 +86,13 @@ # state: restarted # when: lokole_enabled | bool + +# RECORD Lokole AS INSTALLED + +- name: "Set 'lokole_installed: True'" + set_fact: + lokole_installed: True + - name: "Add 'lokole_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mediawiki/tasks/install.yml b/roles/mediawiki/tasks/install.yml index e4c61fcb3..3b8151a1b 100644 --- a/roles/mediawiki/tasks/install.yml +++ b/roles/mediawiki/tasks/install.yml @@ -80,10 +80,17 @@ regexp: '^\$wgServer =' line: '$wgServer = "//" . $_SERVER["HTTP_HOST"];' -- name: Install /etc/{{ apache_config_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache +- name: Install /etc/{{ apache_conf_dir }}/mediawiki.conf from template, for http://box{{ mediawiki_url }} via Apache template: src: mediawiki.conf.j2 - dest: "/etc/{{ apache_config_dir }}/mediawiki.conf" + dest: "/etc/{{ apache_conf_dir }}/mediawiki.conf" + + +# RECORD MediaWiki AS INSTALLED + +- name: "Set 'mediawiki_installed: True'" + set_fact: + mediawiki_installed: True - name: "Add 'mediawiki_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/minetest/tasks/provision.yml b/roles/minetest/tasks/provision.yml index 4dde9bb20..74de12d15 100644 --- a/roles/minetest/tasks/provision.yml +++ b/roles/minetest/tasks/provision.yml @@ -1,18 +1,18 @@ # Calculate local variables - include_tasks: calc_vars.yml -- name: Check for minetest world file ({{ minetest_world_dir }}/world.mt) +- name: Check for Minetest world file ({{ minetest_world_dir }}/world.mt) stat: path: "{{ minetest_world_dir }}/world.mt" register: minetest_world -- name: Create /library/games +- name: mkdir /library/games file: state: directory path: /library/games # owner: root # group: root - # mode: 0755 + # mode: '0755' # rpi only - include_tasks: rpi_minetest_install.yml @@ -28,7 +28,7 @@ depth: 1 when: not minetest_world.stat.exists and minetest_default_game == "carbone-ng" -- name: Give minetest user ownership of carbone-ng +- name: Give Minetest user ownership of carbone-ng file: state: directory path: "{{ minetest_game_dir }}" @@ -69,6 +69,13 @@ path: "{{ minetest_game_dir }}/mods/name_restrictions" when: minetest_default_game == "carbone-ng" + +# RECORD Minetest AS INSTALLED + +- name: "Set 'minetest_installed: True'" + set_fact: + minetest_installed: True + - name: "Add 'minetest_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index 9586da539..a03d819bc 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -128,9 +128,10 @@ - { src: 'iiab-mongodb-repair-if-no-lock.j2', dest: '/usr/bin/iiab-mongodb-repair-if-no-lock', mode: '0755' } -3. RECORD MongoDB AS INSTALLED +# 3. RECORD MongoDB AS INSTALLED -- set_fact: +- name: "Set 'mongodb_installed: True'" + set_fact: mongodb_installed: True - name: "Add 'mongodb_installed: True' to {{ iiab_state_file }}" diff --git a/roles/mongodb/tasks/main.yml b/roles/mongodb/tasks/main.yml index 5263fa695..8a753b62a 100644 --- a/roles/mongodb/tasks/main.yml +++ b/roles/mongodb/tasks/main.yml @@ -23,10 +23,7 @@ when: (is_debian and not is_raspbian) and (not is_debian_8) and (not is_debian_9) -# 2019-07-08: mongodb_install is completely ignored. FYI mongodb_enabled: False -# works but is ineffective, as Sugarizer starts mongodb's systemd svc on its own - -- name: Install 'mongodb' if not Debian 10+ +- name: Install MongoDB if 'mongodb_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: mongodb_installed is undefined diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml index ea3454853..6529cb3a6 100644 --- a/roles/monit/tasks/install.yml +++ b/roles/monit/tasks/install.yml @@ -56,6 +56,13 @@ - option: enabled value: "{{ monit_enabled }}" + +# RECORD Monit AS INSTALLED + +- name: "Set 'monit_installed: True'" + set_fact: + monit_installed: True + - name: "Add 'monit_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 527dcb6ca..270b5913b 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -78,13 +78,13 @@ - name: Remove Apache's stock moodle.conf file: - path: "/etc/{{ apache_config_dir }}/moodle.conf" + path: "/etc/{{ apache_conf_dir }}/moodle.conf" state: absent - name: Install Apache's 022-moodle.conf from template, if moodle_enabled template: src: 022-moodle.j2 - dest: "/etc/{{ apache_config_dir }}/022-moodle.conf" + dest: "/etc/{{ apache_conf_dir }}/022-moodle.conf" # owner: root # group: root # mode: '0644' @@ -147,6 +147,13 @@ path: "{{ moodle_base }}/config.php" mode: '0644' + +# RECORD Moodle AS INSTALLED + +- name: "Set 'moodle_installed: True'" + set_fact: + moodle_installed: True + - name: "Add 'moodle_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/mosquitto/tasks/install.yml b/roles/mosquitto/tasks/install.yml index 6d1d0f062..aaf10bd3d 100644 --- a/roles/mosquitto/tasks/install.yml +++ b/roles/mosquitto/tasks/install.yml @@ -30,6 +30,13 @@ group: root mode: '0755' + +# RECORD Mosquitto AS INSTALLED + +- name: "Set 'mosquitto_installed: True'" + set_fact: + mosquitto_installed: True + - name: "Add 'mosquitto_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/munin/tasks/install.yml b/roles/munin/tasks/install.yml index 423d22bc0..f42daa35e 100644 --- a/roles/munin/tasks/install.yml +++ b/roles/munin/tasks/install.yml @@ -26,7 +26,7 @@ # mode: 0644 with_items: - { src: 'munin.conf.j2', dest: '/etc/munin/munin.conf' } - - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_config_dir }}/munin24.conf' } + - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_conf_dir }}/munin24.conf' } - name: Establish username/password Admin/changeme in /etc/munin/munin-htpasswd htpasswd: @@ -48,6 +48,13 @@ - /usr/share/munin/plugins/mysql_threads when: mysql_enabled | bool + +# RECORD Munin AS INSTALLED + +- name: "Set 'munin_installed: True'" + set_fact: + munin_installed: True + - name: "Add 'munin_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index 5128de298..e3409ac24 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Munin if 'munin_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Munin if 'munin_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: munin_installed is undefined diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 9f8d484b5..b62ff931b 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,9 +1,9 @@ # TO DO: # - Validate input vars mysql_install & mysql_enabled -# - Put ~12 stanzas just below into install.yml +# - Put ~13 stanzas just below into install.yml # - Triggered by... 'when: mysql_installed is undefined' # - Eliminate stale Fedora/CentOS code & gratuitous when: is_debuntu clauses? -# - Consider putting ~8 stanzas below that into enable.yml or similar? +# - Put ~8 stanzas below that into enable-or-disable.yml - name: 'Install MySQL packages: mariadb-server, mariadb-client, and 8 php packages (debuntu)' package: @@ -114,9 +114,11 @@ # line: "TimeoutStartSec=180" when: mariadb_unit_file.stat.exists + # RECORD MySQL AS INSTALLED -- set_fact: +- name: "Set 'mysql_installed: True'" + set_fact: mysql_installed: True - name: "Add 'mysql_installed: True' to {{ iiab_state_file }}" diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index 125300dad..f967f5c4a 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -70,11 +70,11 @@ dest: "/etc/systemd/system/{{ dns_service }}.service" mode: '0644' -- name: "Install /etc/{{ apache_config_dir }}/dns-jail.conf from template: dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)" +- name: "Install /etc/{{ apache_conf_dir }}/dns-jail.conf from template: dns-jail redirect requires the named.blackhole, disabling recursion (if dns_jail_enabled)" # in named-iiab.conf, and the redirection of 404 error documents to / template: src: roles/network/templates/named/dns-jail.conf - dest: "/etc/{{ apache_config_dir }}/" + dest: "/etc/{{ apache_conf_dir }}/" when: dns_jail_enabled | bool - name: "Add 'named_installed: True' to {{ iiab_state_file }}" diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 30c7f9897..1ccbc4ad7 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -173,13 +173,19 @@ - name: Install Apache's nextcloud.conf from template, for http://box/nextcloud template: src: nextcloud.conf.j2 - dest: "/etc/{{ apache_config_dir }}/nextcloud.conf" + dest: "/etc/{{ apache_conf_dir }}/nextcloud.conf" - name: Provision Nextcloud's MySQL DB, run Nextcloud's install wizard etc include_tasks: setup.yml +# RECORD Nextcloud AS INSTALLED + +- name: "Set 'nextcloud_installed: True'" + set_fact: + nextcloud_installed: True + - name: "Add 'nextcloud_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 89bf6fd85..bb69fefe0 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -19,19 +19,17 @@ quiet: yes -#- name: Does {{ nextcloud_prefix }}//nextcloud/version.php exist? # /opt -# stat: -# path: "{{ nextcloud_prefix }}/nextcloud/version.php" -# register: nextcloud_page - -- name: Install Nextcloud if 'nextcloud_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Nextcloud if 'nextcloud_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml - when: nextcloud_installed is undefined # or not nextcloud_page.stat.exists + when: nextcloud_installed is undefined +# +# ABOVE install.yml RUNS setup.yml -- name: Enable/Disable/Restart Apache if primary +#- name: Enable/Disable/Restart Apache if primary +- name: SHIM FOR NOW SO ALWAYS DO THE...Enable/Disable/Restart Apache include_tasks: apache.yml - when: not nginx_enabled + #when: not nginx_enabled - name: Enable/Disable/Restart NGINX if primary include_tasks: nginx.yml diff --git a/roles/nextcloud/tasks/nginx.yml b/roles/nextcloud/tasks/nginx.yml index 80001b232..b4b36b401 100644 --- a/roles/nextcloud/tasks/nginx.yml +++ b/roles/nextcloud/tasks/nginx.yml @@ -1,10 +1,10 @@ -- name: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template # http://box/nextcloud +- name: "SHIM: Enable http://box{{ nextcloud_url }} via NGINX, by installing {{ nginx_conf_dir }}/nextcloud-nginx.conf from template" # http://box/nextcloud template: src: nextcloud-nginx.conf.j2 dest: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d when: nextcloud_enabled | bool -- name: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf # http://box/nextcloud +- name: "SHIM: Disable http://box{{ nextcloud_url }} via NGINX, by removing {{ nginx_conf_dir }}/nextcloud-nginx.conf" # http://box/nextcloud file: path: "{{ nginx_conf_dir }}/nextcloud-nginx.conf" # /etc/nginx/conf.d state: absent diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 710b16eb4..ad21ac29d 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -43,6 +43,13 @@ state: restarted when: nginx_enabled + +# RECORD NGINX AS INSTALLED + +- name: "Set 'nginx_installed: True'" + set_fact: + nginx_installed: True + - name: "Add 'nginx_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml index 476f12e35..e47ba1cf0 100644 --- a/roles/nodejs/tasks/main.yml +++ b/roles/nodejs/tasks/main.yml @@ -151,9 +151,10 @@ -3. RECORD Node.js AS INSTALLED +# 3. RECORD Node.js AS INSTALLED -- set_fact: +- name: "Set 'nodejs_installed: True'" + set_fact: nodejs_installed: True - name: "Add 'nodejs_installed: True' to {{ iiab_state_file }}" diff --git a/roles/nodered/tasks/install.yml b/roles/nodered/tasks/install.yml index 5bdcb268a..8944491f6 100644 --- a/roles/nodered/tasks/install.yml +++ b/roles/nodered/tasks/install.yml @@ -85,11 +85,11 @@ dest: /etc/systemd/system/nodered.service # mode: '0666' -- name: Install /etc/{{ apache_config_dir }}/nodered.conf from template +- name: Install /etc/{{ apache_conf_dir }}/nodered.conf from template template: backup: yes src: nodered.conf.j2 - dest: "/etc/{{ apache_config_dir }}/nodered.conf" + dest: "/etc/{{ apache_conf_dir }}/nodered.conf" # mode: '0666' # SEE ALSO THE apache2_module SECTION IN roles/httpd/tasks/main.yml @@ -98,6 +98,13 @@ state: present name: proxy_wstunnel + +# RECORD Node-RED AS INSTALLED + +- name: "Set 'nodered_installed: True'" + set_fact: + nodered_installed: True + - name: "Add 'nodered_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/openvpn/tasks/main.yml b/roles/openvpn/tasks/main.yml index 3463881a7..10651af47 100644 --- a/roles/openvpn/tasks/main.yml +++ b/roles/openvpn/tasks/main.yml @@ -1,4 +1,4 @@ -# TO DO: WRAP 11 OR 12 STANZAS BELOW INTO install.yml, conditioned by... +# TO DO: WRAP 12 OR 13 STANZAS BELOW INTO install.yml, conditioned by... # 'when: openvpn_installed is undefined' # # BEWARE: 4th stanza (ssh pubkey deletions) is already conditioned by... @@ -107,6 +107,13 @@ path: /usr/bin/iiab-vpn-off state: link + +# RECORD OpenVPN AS INSTALLED + +- name: "Set 'openvpn_installed: True'" + set_fact: + openvpn_installed: True + - name: "Add 'openvpn_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -114,7 +121,7 @@ line: 'openvpn_installed: True' -# TO DO: WRAP COMMENTS + 4 ACTIVE STANZAS BELOW INTO enable.yml... +# TO DO: WRAP COMMENTS + 4 ACTIVE STANZAS BELOW INTO enable-or-disable.yml... # FIXED SOMETIME PRIOR TO AUGUST 2018: earlier versions of Ansible had not # been working with systemd service names that contained the "@" character. diff --git a/roles/osm-vector-maps/tasks/install.yml b/roles/osm-vector-maps/tasks/install.yml index d43cfbce4..e4e17d099 100644 --- a/roles/osm-vector-maps/tasks/install.yml +++ b/roles/osm-vector-maps/tasks/install.yml @@ -67,6 +67,12 @@ dest: "{{ vector_map_path }}/index.html" # /library/www/osm-vector-maps +# RECORD OSM Vector Maps AS INSTALLED + +- name: "Set 'osm_vector_maps_installed: True'" + set_fact: + osm_vector_maps_installed: True + - name: "Add 'osm_vector_maps_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index 3bdfbee25..2fba601a5 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install OSM Vector Maps if 'osm_vector_maps_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install OSM Vector Maps if 'osm_vector_maps_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: osm_vector_maps_installed is undefined diff --git a/roles/pbx/tasks/main.yml b/roles/pbx/tasks/main.yml index 7dd0c23a7..50752065f 100644 --- a/roles/pbx/tasks/main.yml +++ b/roles/pbx/tasks/main.yml @@ -49,3 +49,16 @@ - name: Asterisk - Install chan_dongle include: chan_dongle.yml when: asterisk_chan_dongle | bool + + +# RECORD PBX AS INSTALLED + +- name: "Set 'pbx_installed: True'" + set_fact: + pbx_installed: True + +- name: "Add 'pbx_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^pbx_installed' + line: 'pbx_installed: True' diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index 2dd6f3cc5..088fd4e2e 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -45,6 +45,19 @@ # # recurse: yes # # state: directory +- name: Install /etc/{{ apache_conf_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled + template: + src: phpmyadmin.j2 + dest: "/etc/{{ apache_conf_dir }}/phpmyadmin.conf" + when: apache_install | bool + + +# RECORD phpMyAdmin AS INSTALLED + +- name: "Set 'phpmyadmin_installed: True'" + set_fact: + phpmyadmin_installed: True + - name: "Add 'phpmyadmin_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -52,24 +65,13 @@ line: 'phpmyadmin_installed: True' -- name: Install /etc/{{ apache_config_dir }}/phpmyadmin.conf from template, if phpmyadmin_enabled - template: - src: phpmyadmin.j2 - dest: "/etc/{{ apache_config_dir }}/phpmyadmin.conf" - when: phpmyadmin_enabled | bool +- name: Enable phpMyAdmin via Apache, if phpmyadmin_enabled + command: a2ensite phpmyadmin.conf + when: apache_install and phpmyadmin_enabled -- name: Create symlink phpmyadmin.conf from sites-enabled to sites-available (debuntu) - file: - src: /etc/apache2/sites-available/phpmyadmin.conf - path: /etc/apache2/sites-enabled/phpmyadmin.conf - state: link - when: phpmyadmin_enabled and is_debuntu - -- name: Remove /etc/apache2/sites-enabled/phpmyadmin.conf, if not phpmyadmin_enabled (debuntu) - file: - path: /etc/apache2/sites-enabled/phpmyadmin.conf - state: absent - when: not phpmyadmin_enabled and is_debuntu +- name: Disable phpMyAdmin via Apache, if not phpmyadmin_enabled + command: a2dissite phpmyadmin.conf + when: apache_install and not phpmyadmin_enabled - name: Add 'phpmyadmin' variable values to {{ iiab_ini_file }} diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index 2e34a3ee1..df377b2bc 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,6 +1,6 @@ # TO DO: # - Validate input vars postgresql_install & postgresql_enabled -# - Put ~12 stanzas just below into install.yml +# - Put ~13 stanzas just below into install.yml # - Triggered by... 'when: postgresql_installed is undefined' - name: Install 'postgresql' package @@ -85,9 +85,11 @@ state: stopped enabled: no + # RECORD PostgreSQL AS INSTALLED -- set_fact: +- name: "Set 'postgresql_installed: True'" + set_fact: postgresql_installed: True - name: "Add 'postgresql_installed: True' to {{ iiab_state_file }}" diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 7a6087a77..be0022ca3 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -21,51 +21,55 @@ - samba-common - cifs-utils state: present - #tags: samba, download - name: Install /etc/samba/smb.conf from template template: src: smb.conf.j2 dest: /etc/samba/smb.conf + +# RECORD Samba AS INSTALLED + +- name: "Set 'samba_installed: True'" + set_fact: + samba_installed: True + - name: "Add 'samba_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml regexp: '^samba_installed' line: 'samba_installed: True' -- name: Enable & Start Samba systemd service + +- name: Enable & Start Samba ({{ smb_service }}) systemd service, if samba_enabled service: name: "{{ smb_service }}" state: started enabled: yes - #tags: samba when: samba_enabled | bool -- name: Enable & Start NetBIOS name server ({{ nmb_service }}) +- name: Enable & Start NetBIOS name server ({{ nmb_service }}) if samba_enabled service: name: "{{ nmb_service }}" state: started enabled: yes - #tags: samba when: samba_enabled | bool -- name: Disable Samba if not samba_enabled - service: +- name: Disable & Stop Samba ({{ smb_service }}) systemd service, if not samba_enabled + systemd: name: "{{ smb_service }}" state: stopped enabled: no - #tags: samba when: not samba_enabled -- name: Disable NetBIOS name server ({{ nmb_service }}) if not samba_enabled - service: +- name: Disable & Stop NetBIOS name server ({{ nmb_service }}) if not samba_enabled + systemd: name: "{{ nmb_service }}" state: stopped enabled: no - #tags: samba when: not samba_enabled + - name: Add 'samba' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml index cf34e87f9..ac96f0208 100644 --- a/roles/sshd/tasks/main.yml +++ b/roles/sshd/tasks/main.yml @@ -2,25 +2,24 @@ package: name: "{{ sshd_package }}" state: present - when: sshd_enabled | bool -- name: Disable root login with password +- name: Disable password-based logins to root lineinfile: dest: /etc/ssh/sshd_config regexp: '^PermitRootLogin' line: 'PermitRootLogin without-password' state: present - when: sshd_enabled | bool + #when: sshd_enabled | bool #TODO: use handler to reload ssh -- name: Create root .ssh +- name: mkdir /root/.ssh file: + state: directory path: /root/.ssh owner: root group: root - mode: 0700 - state: directory - when: sshd_enabled | bool + mode: '0700' + #when: sshd_enabled | bool - name: Install dummy root keys as placeholder copy: @@ -28,19 +27,34 @@ dest: /root/.ssh/authorized_keys owner: root group: root - mode: 0600 + mode: '0600' force: no - when: sshd_enabled | bool + #when: sshd_enabled | bool -- name: Enable & start ssh daemon - service: + +# RECORD sshd AS INSTALLED + +- name: "Set 'sshd_installed: True'" + set_fact: + sshd_installed: True + +- name: "Add 'sshd_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^sshd_installed' + line: 'sshd_installed: True' + + +- name: Enable & Start ssh daemon ({{ sshd_service }}) if sshd_enabled + systemd: name: "{{ sshd_service }}" + daemon_reload: yes enabled: yes state: started when: sshd_enabled | bool -- name: Disable ssh daemon - service: +- name: Disable & Stop ssh daemon ({{ sshd_service }}) if not sshd_enabled + systemd: name: "{{ sshd_service }}" enabled: no state: stopped diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index ef80cc884..c613f691c 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -1,6 +1,13 @@ -0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB +# 0. ATTEMPT INSTALL-THEN-ASSERT OF (1) HARD PREREQ Node.js (2) SOFT PREREQ MongoDB -- set_fact: +- debug: + var: nodejs_install + +- debug: + var: nodejs_enabled + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: nodejs_install: True nodejs_enabled: True @@ -18,7 +25,14 @@ msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" when: nodejs_version != "12.x" -- set_fact: + +- debug: + var: mongodb_install +- debug: + var: mongodb_enabled + +- name: "Set 'mongodb_install: True' and 'mongodb_enabled: True'" + set_fact: mongodb_install: True mongodb_enabled: True @@ -178,7 +192,7 @@ # mode: '0644' with_items: - { src: 'sugarizer.service', dest: '/etc/systemd/system/sugarizer.service' } - - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_config_dir }}/sugarizer.conf" } + - { src: 'sugarizer.conf.j2', dest: "/etc/{{ apache_conf_dir }}/sugarizer.conf" } #- { src: 'sugarizer.ini.j2', dest: '{{ iiab_base }}/sugarizer-server/env/sugarizer.ini' } #- { src: 'sugarizer.js', dest: '{{ iiab_base }}/sugarizer-server' } @@ -253,9 +267,10 @@ # # block: "\tvar pathPrefix = '/sugarizer';\n\tapp.use(pathPrefix, require('path-prefix-proxy')(pathPrefix));" -6. RECORD Sugarizer AS INSTALLED +# 6. RECORD Sugarizer AS INSTALLED -- set_fact: +- name: "Set 'sugarizer_installed: True'" + set_fact: sugarizer_installed: True - name: "Add 'sugarizer_installed: True' to {{ iiab_state_file }}" diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index ef5b79c5b..4d394c56c 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -19,7 +19,7 @@ quiet: yes -- name: Install Sugarizer if 'sugarizer_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install Sugarizer if 'sugarizer_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: sugarizer_installed is undefined diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 3a7646f83..340f3d95b 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml @@ -7,11 +7,11 @@ - name: Create download dir {{ transmission_download_dir }}, owned by {{ transmission_user }}:{{ transmission_group }} file: + state: directory path: "{{ transmission_download_dir }}" # /library/transmission owner: "{{ transmission_user }}" # debian-transmission group: "{{ transmission_group }}" # root # mode: '0755' - state: directory - name: Stop 'transmission-daemon' systemd service, before modifying its settings systemd: @@ -23,9 +23,16 @@ template: src: settings.json.j2 dest: /etc/transmission-daemon/settings.json - # mode: '0644' owner: "{{ transmission_user }}" # debian-transmission group: "{{ transmission_group }}" # root + # mode: '0644' + + +# RECORD Transmission AS INSTALLED + +- name: "Set 'transmission_installed: True'" + set_fact: + transmission_installed: True - name: "Add 'transmission_installed: True' to {{ iiab_state_file }}" lineinfile: diff --git a/roles/usb-lib/README.rst b/roles/usb_lib/README.rst similarity index 100% rename from roles/usb-lib/README.rst rename to roles/usb_lib/README.rst diff --git a/roles/usb-lib/defaults/main.yml b/roles/usb_lib/defaults/main.yml similarity index 100% rename from roles/usb-lib/defaults/main.yml rename to roles/usb_lib/defaults/main.yml diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml new file mode 100644 index 000000000..82ecc6724 --- /dev/null +++ b/roles/usb_lib/tasks/main.yml @@ -0,0 +1,109 @@ +# TO DO: +# - validate input vars + prereqs +# - move 6 top stanzas into install.yml +# - move 6 mid/lower stanzas into enable-or-disable.yml +# - verify analogous NGINX logic from roles/nginx/* -- then integrate as nec? + +- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear + file: + state: directory + path: "{{ doc_root }}/local_content" + owner: "{{ apache_user }}" + group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE? + mode: '0775' + +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off' + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } + - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } + - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } + +- name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf + lineinfile: + regexp: '^FILESYSTEMS.*' + line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' + path: /etc/usbmount/usbmount.conf + +- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template + template: + src: content_dir.conf + dest: "/etc/{{ apache_conf_dir }}" + when: apache_install + + +# RECORD usb_lib AS INSTALLED + +- name: "Set 'usb_lib_installed: True'" + set_fact: + usb_lib_installed: True + +- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^usb_lib_installed' + line: 'usb_lib_installed: True' + + +- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled + template: + src: mount.d/70-usb-library + dest: /etc/usbmount/mount.d/ + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled + template: + src: umount.d/70-usb-library + dest: /etc/usbmount/umount.d + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled + file: + path: /etc/usbmount/mount.d/70-usb-library + state: absent + when: not usb_lib_enabled + +- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled + file: + path: /etc/usbmount/umount.d/70-usb-library + state: absent + when: not usb_lib_enabled + +- name: Enable http://box/usb via Apache, if usb_lib_enabled + command: a2ensite content_dir.conf + when: apache_install and usb_lib_enabled + +- name: Disable http://box/usb via Apache, if not usb_lib_enabled + command: a2dissite content_dir.conf + when: apache_install and not usb_lib_enabled + + +- name: Put variable in iiab.env that enables display of content at root of USB + lineinfile: + path: "{{ iiab_env_file }}" + regexp: "^IIAB_USB_LIB_SHOW_ALL.*" + line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" + +- name: Add 'usb_lib' variable values to {{ iiab_ini_file }} + ini_file: + path: "{{ iiab_ini_file }}" + section: usb_lib + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: name + value: usb_lib + - option: description + value: '"usb_lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' + - option: enabled + value: "{{ usb_lib_enabled }}" diff --git a/roles/usb-lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml~ similarity index 59% rename from roles/usb-lib/tasks/main.yml rename to roles/usb_lib/tasks/main.yml~ index 8cf7ce336..0ac13ad51 100644 --- a/roles/usb-lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml~ @@ -1,21 +1,18 @@ +# TO DO: +# - validate input vars + prereqs +# - move 6 top stanzas into install.yml +# - move 6 mid/lower stanzas into enable-or-disable.yml +# - verify analogous NGINX logic from roles/nginx/* -- then integrate as nec? + - name: Add dir {{ doc_root }}/local_content, where USB drive links can appear file: - path: "{{ doc_root }}/local_content" state: directory + path: "{{ doc_root }}/local_content" owner: "{{ apache_user }}" group: "{{ iiab_admin_user }}" # ISN'T "{{ apache_user }}" MORE APPROPRIATE? - mode: 0775 + mode: '0775' -- name: Install /etc/usbmount/mount.d/70-usb-library from template - template: - src: mount.d/70-usb-library - dest: /etc/usbmount/mount.d/ - owner: root - group: root - mode: 0751 - when: usb_lib_enabled | bool - -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb-lib-show-all-on, /usr/bin/iiab-usb-lib-show-all-off' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -23,22 +20,51 @@ with_items: - { src: 'usbmount@.service.j2' , dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - { src: 'usbmount.rules.j2' , dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } - - { src: 'iiab-usb-lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } - - { src: 'iiab-usb-lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-on' , dest: '/usr/bin/', mode: '0755' } + - { src: 'iiab-usb_lib-show-all-off' , dest: '/usr/bin/', mode: '0755' } - name: Enable exFAT and NTFS in /etc/usbmount/usbmount.conf - lineinfile: + lineinfile: regexp: '^FILESYSTEMS.*' line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' path: /etc/usbmount/usbmount.conf -- name: Install /etc/usbmount/umount.d/70-usb-library from template +- name: Install /etc/{{ apache_conf_dir }}/content_dir.conf from template + template: + src: content_dir.conf + dest: "/etc/{{ apache_conf_dir }}" + when: apache_install + + +# RECORD usb_lib AS INSTALLED + +- name: "Set 'usb_lib_installed: True'" + set_fact: + usb_lib_installed: True + +- name: "Add 'usb_lib_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^usb_lib_installed' + line: 'usb_lib_installed: True' + + +- name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled + template: + src: mount.d/70-usb-library + dest: /etc/usbmount/mount.d/ + owner: root + group: root + mode: '0751' + when: usb_lib_enabled | bool + +- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled template: src: umount.d/70-usb-library dest: /etc/usbmount/umount.d owner: root group: root - mode: 0751 + mode: '0751' when: usb_lib_enabled | bool - name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled @@ -53,47 +79,31 @@ state: absent when: not usb_lib_enabled +- name: Enable http://box/usb via Apache, if usb_lib_enabled + shell: a2ensite content_dir.conf + when: apache_install and usb_lib_enabled + +- name: Disable http://box/usb via Apache, if not usb_lib_enabled + shell: a2dissite content_dir.conf + when: apache_install and not usb_lib_enabled + + - name: Put variable in iiab.env that enables display of content at root of USB lineinfile: path: "{{ iiab_env_file }}" regexp: "^IIAB_USB_LIB_SHOW_ALL.*" line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" -- name: Install /etc/{{ apache_config_dir }}/content_dir.conf from template - template: - src: content_dir.conf - dest: "/etc/{{ apache_config_dir }}" - when: usb_lib_enabled | bool - -- name: Create symlink content_dir.conf from sites-enabled to sites-available (debuntu) - file: - src: "/etc/{{ apache_config_dir }}/content_dir.conf" - dest: /etc/apache2/sites-enabled/content_dir.conf - state: link - when: is_debuntu | bool - -- name: Remove symlink content_dir.conf from /etc/apache2/sites-enabled (debuntu) - file: - dest: /etc/apache2/sites-enabled/content_dir.conf - state: absent - when: is_debuntu and not usb_lib_enabled - -- name: Remove content_dir.conf from /etc/{{ apache_config_dir }} - file: - name: "/etc/{{ apache_config_dir }}/content_dir.conf" - state: absent - when: not usb_lib_enabled - -- name: Add 'usb-lib' variable values to {{ iiab_ini_file }} +- name: Add 'usb_lib' variable values to {{ iiab_ini_file }} ini_file: path: "{{ iiab_ini_file }}" - section: usb-lib + section: usb_lib option: "{{ item.option }}" value: "{{ item.value | string }}" with_items: - option: name - value: usb-lib + value: usb_lib - option: description - value: '"usb-lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' + value: '"usb_lib automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' - option: enabled value: "{{ usb_lib_enabled }}" diff --git a/roles/usb-lib/templates/content_dir.conf b/roles/usb_lib/templates/content_dir.conf similarity index 100% rename from roles/usb-lib/templates/content_dir.conf rename to roles/usb_lib/templates/content_dir.conf diff --git a/roles/usb-lib/templates/iiab-usb-lib-show-all-off b/roles/usb_lib/templates/iiab-usb_lib-show-all-off similarity index 100% rename from roles/usb-lib/templates/iiab-usb-lib-show-all-off rename to roles/usb_lib/templates/iiab-usb_lib-show-all-off diff --git a/roles/usb-lib/templates/iiab-usb-lib-show-all-on b/roles/usb_lib/templates/iiab-usb_lib-show-all-on similarity index 100% rename from roles/usb-lib/templates/iiab-usb-lib-show-all-on rename to roles/usb_lib/templates/iiab-usb_lib-show-all-on diff --git a/roles/usb-lib/templates/mount.d/70-usb-library b/roles/usb_lib/templates/mount.d/70-usb-library similarity index 100% rename from roles/usb-lib/templates/mount.d/70-usb-library rename to roles/usb_lib/templates/mount.d/70-usb-library diff --git a/roles/usb-lib/templates/umount.d/70-usb-library b/roles/usb_lib/templates/umount.d/70-usb-library similarity index 100% rename from roles/usb-lib/templates/umount.d/70-usb-library rename to roles/usb_lib/templates/umount.d/70-usb-library diff --git a/roles/usb-lib/templates/usbmount.rules.j2 b/roles/usb_lib/templates/usbmount.rules.j2 similarity index 100% rename from roles/usb-lib/templates/usbmount.rules.j2 rename to roles/usb_lib/templates/usbmount.rules.j2 diff --git a/roles/usb-lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 similarity index 100% rename from roles/usb-lib/templates/usbmount@.service.j2 rename to roles/usb_lib/templates/usbmount@.service.j2 diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 969b25d0f..0303d0e46 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -19,6 +19,13 @@ shell: /usr/bin/vnstat -i {{ iiab_lan_iface }} when: iiab_lan_iface is defined + +# RECORD vnStat AS INSTALLED + +- name: "Set 'vnstat_installed: True'" + set_fact: + vnstat_installed: True + - name: "Add 'vnstat_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml @@ -26,7 +33,7 @@ line: 'vnstat_installed: True' -- name: Enable & Start vnStat's systemd service (vnstat) +- name: Enable & (Re)Start 'vnstat' systemd service, if vnstat_enabled systemd: name: vnstat daemon_reload: yes diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 8652e0a0d..29a8bc216 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -85,12 +85,19 @@ group: "{{ apache_user }}" # DO WE REALLY STILL WANT THIS FOR NGINX? mode: '0660' # Others strongly recommend '0600' (or do PHP/Apache/NGINX really need group read & write permissions?) -- name: Install etc/{{ apache_config_dir }}/wordpress.conf from template, for http://box{{ wp_url }} via Apache +- name: Install etc/{{ apache_conf_dir }}/wordpress.conf from template, for http://box{{ wp_url }} via Apache template: src: wordpress.conf.j2 - dest: "/etc/{{ apache_config_dir }}/wordpress.conf" + dest: "/etc/{{ apache_conf_dir }}/wordpress.conf" when: apache_enabled | bool + +# RECORD WordPress AS INSTALLED + +- name: "Set 'wordpress_installed: True'" + set_fact: + wordpress_installed: True + - name: "Add 'wordpress_installed: True' to {{ iiab_state_file }}" lineinfile: dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index 0e4986ed1..07853ec12 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -21,11 +21,11 @@ quiet: yes -- name: Provision MySQL DB for WordPress, if 'wordpress_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Provision MySQL DB for WordPress, if 'wordpress_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: setup.yml when: wordpress_installed is undefined # and not installing -- name: Install WordPress if 'wordpress_installed' is not defined in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml +- name: Install WordPress if 'wordpress_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml include_tasks: install.yml when: wordpress_installed is undefined diff --git a/roles/yarn/tasks/main.yml b/roles/yarn/tasks/main.yml index 461280d41..533a5315a 100644 --- a/roles/yarn/tasks/main.yml +++ b/roles/yarn/tasks/main.yml @@ -7,7 +7,7 @@ file: path: /etc/apt/sources.list.d/yarn.list owner: root - mode: 0644 + mode: '0644' state: touch - name: "Yarn | Ensure Debian package is in sources list" @@ -17,8 +17,8 @@ line: 'deb http://dl.yarnpkg.com/debian/ stable main' state: present -- name: "Yarn | Update APT cache" - apt: +- name: "Yarn | Update APT cache" + apt: update_cache: yes - name: "Yarn | Install" @@ -26,3 +26,16 @@ name: yarn state: latest when: internet_available and is_debuntu + + +# RECORD Yarn AS INSTALLED + +- name: "Set 'yarn_installed: True'" + set_fact: + yarn_installed: True + +- name: "Add 'yarn_installed: True' to {{ iiab_state_file }}" + lineinfile: + dest: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml + regexp: '^yarn_installed' + line: 'yarn_installed: True' diff --git a/tests/test.yml b/tests/test.yml index f39c2807d..26f0b40b6 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -57,7 +57,7 @@ #- { role: sugar-stats } #- { role: teamviewer } - { role: transmission } - - { role: usb-lib } + - { role: usb_lib } - { role: vnstat } - { role: wordpress } #- { roles: xovis } diff --git a/vars/centos-7.yml b/vars/centos-7.yml index 349a6e33e..c57ab58f7 100644 --- a/vars/centos-7.yml +++ b/vars/centos-7.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/debian-10.yml b/vars/debian-10.yml index 9c82440f6..9780612da 100644 --- a/vars/debian-10.yml +++ b/vars/debian-10.yml @@ -11,7 +11,8 @@ dns_user: bind proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/debian-8.yml b/vars/debian-8.yml index 99accdf52..bb23c04b0 100644 --- a/vars/debian-8.yml +++ b/vars/debian-8.yml @@ -10,7 +10,8 @@ dns_user: bind proxy: squid3 proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/debian-9.yml b/vars/debian-9.yml index 098c90809..19ef67bb3 100644 --- a/vars/debian-9.yml +++ b/vars/debian-9.yml @@ -11,7 +11,8 @@ dns_user: bind proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/fedora-18.yml b/vars/fedora-18.yml index 8df9d8019..ca863a016 100644 --- a/vars/fedora-18.yml +++ b/vars/fedora-18.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/fedora-22.yml b/vars/fedora-22.yml index 28f815f43..2c8ec05b6 100644 --- a/vars/fedora-22.yml +++ b/vars/fedora-22.yml @@ -11,7 +11,8 @@ proxy: squid proxy_user: squid apache_service: httpd apache_user: apache -apache_config_dir: httpd/conf.d +apache_conf_dir: httpd/conf.d +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/httpd smb_service: smb nmb_service: nmb diff --git a/vars/raspbian-10.yml b/vars/raspbian-10.yml index 7813a7200..7d7e61e50 100644 --- a/vars/raspbian-10.yml +++ b/vars/raspbian-10.yml @@ -15,7 +15,8 @@ dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/raspbian-8.yml b/vars/raspbian-8.yml index b4e4e59eb..2b075ca8d 100644 --- a/vars/raspbian-8.yml +++ b/vars/raspbian-8.yml @@ -14,7 +14,8 @@ dns_user: bind proxy: squid3 proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/raspbian-9.yml b/vars/raspbian-9.yml index 6108184cf..b10f5022e 100644 --- a/vars/raspbian-9.yml +++ b/vars/raspbian-9.yml @@ -15,7 +15,8 @@ dhcp_service: isc-dhcp-server proxy: squid proxy_user: proxy apache_service: apache2 -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_user: www-data apache_log_dir: /var/log/apache2 smb_service: smbd diff --git a/vars/ubuntu-16.yml b/vars/ubuntu-16.yml index f8d8b07c9..96312974a 100644 --- a/vars/ubuntu-16.yml +++ b/vars/ubuntu-16.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-17.yml b/vars/ubuntu-17.yml index fe0c4288e..751b16706 100644 --- a/vars/ubuntu-17.yml +++ b/vars/ubuntu-17.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-18.yml b/vars/ubuntu-18.yml index 21f90fa1a..1b5579da8 100644 --- a/vars/ubuntu-18.yml +++ b/vars/ubuntu-18.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-19.yml b/vars/ubuntu-19.yml index d6afbcf33..348146c67 100644 --- a/vars/ubuntu-19.yml +++ b/vars/ubuntu-19.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd diff --git a/vars/ubuntu-20.yml b/vars/ubuntu-20.yml index 26fdea9ec..ab0bd9602 100644 --- a/vars/ubuntu-20.yml +++ b/vars/ubuntu-20.yml @@ -12,7 +12,8 @@ proxy: squid proxy_user: proxy apache_service: apache2 apache_user: www-data -apache_config_dir: apache2/sites-available +apache_conf_dir: apache2/sites-available +apache_config_dir: "{{ apache_conf_dir }}" # for iiab-admin-console/roles/console/tasks/main.yml Line 150 apache_log_dir: /var/log/apache2 smb_service: smbd nmb_service: nmbd From 2cdf8463650b9fd1a9f2d663d6b906aa8e2af553 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 30 Jan 2020 04:57:53 -0500 Subject: [PATCH 43/45] Remove tags in ~30 files, improve verbiage --- roles/0-DEPRECATED-ROLES/docker/tasks/main.yml | 1 - roles/0-DEPRECATED-ROLES/ejabberd/tasks/main.yml | 1 - .../0-DEPRECATED-ROLES/ejabberd_xs/tasks/main.yml | 1 - roles/0-DEPRECATED-ROLES/idmgr/tasks/main.yml | 1 - .../0-DEPRECATED-ROLES/sugar-stats/tasks/main.yml | 1 - .../teamviewer/tasks/install.yml | 5 ----- roles/2-common/tasks/iptables.yml | 2 -- roles/2-common/tasks/xo.yml | 1 - roles/all-vars/tasks/main.yml | 1 - roles/awstats/tasks/enable.yml | 2 +- roles/calibre-web/tasks/install.yml | 6 +++--- roles/captiveportal/tasks/main.yml | 2 +- roles/cups/tasks/main.yml | 2 +- roles/gitea/tasks/install.yml | 1 - roles/httpd/tasks/install.yml | 3 --- roles/iiab-admin/tasks/access.yml | 1 - roles/iiab-admin/tasks/main.yml | 2 -- roles/internetarchive/tasks/enable.yml | 2 +- roles/mongodb/tasks/install.yml | 1 - roles/monit/tasks/install.yml | 2 -- roles/mosquitto/tasks/install.yml | 1 - roles/munin/tasks/main.yml | 2 +- roles/network/tasks/computed_network.yml | 2 -- roles/network/tasks/dansguardian.yml | 1 - roles/network/tasks/ifcfg_mods.yml | 1 - roles/network/tasks/main.yml | 15 --------------- roles/osm-vector-maps/tasks/main.yml | 2 +- roles/postgresql/tasks/main.yml | 2 +- roles/sugarizer/tasks/install.yml | 1 - roles/vnstat/tasks/main.yml | 3 +-- 30 files changed, 11 insertions(+), 57 deletions(-) diff --git a/roles/0-DEPRECATED-ROLES/docker/tasks/main.yml b/roles/0-DEPRECATED-ROLES/docker/tasks/main.yml index 4bb4fcfa6..8c890c7d8 100644 --- a/roles/0-DEPRECATED-ROLES/docker/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/docker/tasks/main.yml @@ -5,7 +5,6 @@ - docker - python-docker-py when: docker_install | bool - #tags: download - name: put the systemd startup file in place template: src=docker.service diff --git a/roles/0-DEPRECATED-ROLES/ejabberd/tasks/main.yml b/roles/0-DEPRECATED-ROLES/ejabberd/tasks/main.yml index 470216c8a..c7631ec10 100644 --- a/roles/0-DEPRECATED-ROLES/ejabberd/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/ejabberd/tasks/main.yml @@ -2,7 +2,6 @@ package: name: ejabberd state: present - #tags: download #- name: Configure ejabberd # template: diff --git a/roles/0-DEPRECATED-ROLES/ejabberd_xs/tasks/main.yml b/roles/0-DEPRECATED-ROLES/ejabberd_xs/tasks/main.yml index 36a58d160..9be7687a2 100644 --- a/roles/0-DEPRECATED-ROLES/ejabberd_xs/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/ejabberd_xs/tasks/main.yml @@ -3,7 +3,6 @@ state=present with_items: - ejabberd-2.1.11 - #tags: download when: not is_debuntu # need to use lineinfile and better regexp diff --git a/roles/0-DEPRECATED-ROLES/idmgr/tasks/main.yml b/roles/0-DEPRECATED-ROLES/idmgr/tasks/main.yml index 464c32762..7958b1135 100644 --- a/roles/0-DEPRECATED-ROLES/idmgr/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/idmgr/tasks/main.yml @@ -7,7 +7,6 @@ - xinetd - xs-rsync - incron - #tags: download - name: Configure idmgr template: backup=yes diff --git a/roles/0-DEPRECATED-ROLES/sugar-stats/tasks/main.yml b/roles/0-DEPRECATED-ROLES/sugar-stats/tasks/main.yml index 71fb4b073..bb29c4298 100644 --- a/roles/0-DEPRECATED-ROLES/sugar-stats/tasks/main.yml +++ b/roles/0-DEPRECATED-ROLES/sugar-stats/tasks/main.yml @@ -6,7 +6,6 @@ - active-document - restful-document - python-xappy - #tags: download - name: Create sugar-stats directory tree file: path={{ item }} diff --git a/roles/0-DEPRECATED-ROLES/teamviewer/tasks/install.yml b/roles/0-DEPRECATED-ROLES/teamviewer/tasks/install.yml index 5410c926d..082faf382 100644 --- a/roles/0-DEPRECATED-ROLES/teamviewer/tasks/install.yml +++ b/roles/0-DEPRECATED-ROLES/teamviewer/tasks/install.yml @@ -2,22 +2,18 @@ - name: Install Xfce group of packages shell: "yum groupinstall -y xfce" when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" - #tags: download - name: Install X11 group of packages shell: "yum groupinstall -y 'X Window system'" when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" - #tags: download - name: Install Xfce group of packages shell: yum groupinstall -y "Xfce Desktop" --exclude fedora-release\* when: xo_model == "none" and internet_available and ansible_distribution_version >= "21" - #tags: download - name: Install X Windows on CentOS shell: yum groupinstall -y "Server with GUI" when: internet_available and ansible_distribution == "CentOS" - #tags: download - name: Download TeamViewer software get_url: @@ -25,7 +21,6 @@ dest: "{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" timeout: "{{ download_timeout }}" when: internet_available | bool - #tags: download # F22 has issues with yum localinstall exclude for now - name: Do the install of TeamViewer, pulling in any required dependencies diff --git a/roles/2-common/tasks/iptables.yml b/roles/2-common/tasks/iptables.yml index 7163c0a62..f0b5a4560 100644 --- a/roles/2-common/tasks/iptables.yml +++ b/roles/2-common/tasks/iptables.yml @@ -31,14 +31,12 @@ name: iptables-persistent state: present when: is_debuntu | bool - #tags: download - name: Install package iptables-services (OS's other than debuntu) package: name: iptables-services state: present when: not is_debuntu - #tags: download - name: Install /etc/sysconfig/iptables-config from template template: diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index 185f22949..527e46e87 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -132,7 +132,6 @@ with_items: - hostapd_8188_i386 when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available - #tags: xo - name: Put the substitute in place copy: diff --git a/roles/all-vars/tasks/main.yml b/roles/all-vars/tasks/main.yml index 19f42a49f..51c83ad19 100644 --- a/roles/all-vars/tasks/main.yml +++ b/roles/all-vars/tasks/main.yml @@ -11,4 +11,3 @@ debug: msg: "{{ msg.split('\n') }}" - #tags: debug_info diff --git a/roles/awstats/tasks/enable.yml b/roles/awstats/tasks/enable.yml index a0278bcf6..ae216c907 100644 --- a/roles/awstats/tasks/enable.yml +++ b/roles/awstats/tasks/enable.yml @@ -49,7 +49,7 @@ value: AWStats - option: description value: '"AWStats (originally known as Advanced Web Statistics) is a package written in Perl which generates static or dynamic html summaries based upon web server logs."' - - option: installed + - option: install value: "{{ awstats_install }}" - option: enabled value: "{{ awstats_enabled }}" diff --git a/roles/calibre-web/tasks/install.yml b/roles/calibre-web/tasks/install.yml index a6002e5c8..96a4940ca 100644 --- a/roles/calibre-web/tasks/install.yml +++ b/roles/calibre-web/tasks/install.yml @@ -64,9 +64,9 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: root - group: root - mode: '0644' + # owner: root + # group: root + # mode: '0644' with_items: - { src: 'calibre-web.service.j2', dest: '/etc/systemd/system/calibre-web.service' } - { src: 'calibre-web.conf.j2', dest: '/etc/apache2/sites-available/calibre-web.conf' } diff --git a/roles/captiveportal/tasks/main.yml b/roles/captiveportal/tasks/main.yml index 34347948e..6c164abd9 100644 --- a/roles/captiveportal/tasks/main.yml +++ b/roles/captiveportal/tasks/main.yml @@ -39,7 +39,7 @@ value: Captive Portal - option: description value: '"Captive Portal tries to open the browser automatically, so users don''t have to type in URL''s like http://box.lan in support of kiosk-like situations, in multilingual and less literate communities."' - - option: installed + - option: install value: "{{ captiveportal_install }}" - option: enabled value: "{{ captiveportal_enabled }}" diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index d071b22cc..d0a52f7ff 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -61,7 +61,7 @@ enabled: yes when: cups_enabled and is_F18 -- name: Permit headless admin of CUPS -- only works when CUPS daemon is running, if cups_enabled +- name: Permit headless admin of CUPS -- only works when CUPS daemon is running (if cups_enabled) shell: "cupsctl --remote-admin" when: cups_enabled | bool diff --git a/roles/gitea/tasks/install.yml b/roles/gitea/tasks/install.yml index 498fa4b9e..7f3b94815 100644 --- a/roles/gitea/tasks/install.yml +++ b/roles/gitea/tasks/install.yml @@ -47,7 +47,6 @@ url: "{{ gitea_download_url }}" dest: "{{ gitea_install_path }}" mode: '0775' - #tags: install when: internet_available | bool - name: Download Gitea GPG signature diff --git a/roles/httpd/tasks/install.yml b/roles/httpd/tasks/install.yml index 123d8c940..8dfaf8b88 100644 --- a/roles/httpd/tasks/install.yml +++ b/roles/httpd/tasks/install.yml @@ -8,7 +8,6 @@ - "php{{ php_version }}-curl" state: present when: is_debian | bool - #tags: download - name: 'Install 2 packages: apache2, php (ubuntu)' package: @@ -19,7 +18,6 @@ - php state: present when: is_ubuntu | bool - #tags: download # 2019-05-30: It's interesting that http://box.lan/admin and everything seems # to work even without php{{ php_version }}-sqlite3 as confirmed on Ubuntu @@ -50,7 +48,6 @@ - php-curl state: present when: is_redhat | bool - #tags: download # remove symlinks for mpm-event, replace with mpm-prefork - name: Remove both mpm_event symlinks from /etc/apache2/mods-enabled (debuntu) diff --git a/roles/iiab-admin/tasks/access.yml b/roles/iiab-admin/tasks/access.yml index 776f420d7..511103f17 100644 --- a/roles/iiab-admin/tasks/access.yml +++ b/roles/iiab-admin/tasks/access.yml @@ -4,4 +4,3 @@ - screen - lynx state: present - #tags: download diff --git a/roles/iiab-admin/tasks/main.yml b/roles/iiab-admin/tasks/main.yml index 38a673a2b..d0b38eb3a 100644 --- a/roles/iiab-admin/tasks/main.yml +++ b/roles/iiab-admin/tasks/main.yml @@ -1,9 +1,7 @@ - include_tasks: admin-user.yml - #tags: base when: iiab_admin_user_install | bool - include_tasks: access.yml - #tags: base - name: Add 'iiab-admin' variable values to {{ iiab_ini_file }} ini_file: diff --git a/roles/internetarchive/tasks/enable.yml b/roles/internetarchive/tasks/enable.yml index 6a5855c2b..c77003285 100644 --- a/roles/internetarchive/tasks/enable.yml +++ b/roles/internetarchive/tasks/enable.yml @@ -42,6 +42,6 @@ - option: name value: Internet Archive - option: description - value: '"Dweb-mirror is intended to make the Internet Archive experience and UI available offline."' + value: '"Take the Internet Archive experience and materials offline, in a decentralized way!"' - option: internetarchive_enabled value: "{{ internetarchive_enabled }}" diff --git a/roles/mongodb/tasks/install.yml b/roles/mongodb/tasks/install.yml index a03d819bc..08e8c6a21 100644 --- a/roles/mongodb/tasks/install.yml +++ b/roles/mongodb/tasks/install.yml @@ -7,7 +7,6 @@ - mongodb # 2019-01-31: this package does not exist on (cannot be installed on) Debian 10, SEE #1437 state: present when: internet_available and not is_rpi - #tags: download # 2019-02-02: Sugarizer with Node.js 10.x requires MongoDB 2.6+ so # https://andyfelong.com/2017/08/mongodb-3-0-14-for-raspbian-stretch/ diff --git a/roles/monit/tasks/install.yml b/roles/monit/tasks/install.yml index 6529cb3a6..7e16ada96 100644 --- a/roles/monit/tasks/install.yml +++ b/roles/monit/tasks/install.yml @@ -2,14 +2,12 @@ package: name: monit state: present - #tags: download - name: Install chkconfig package (debian-8) package: name: chkconfig state: present when: is_debian and ansible_distribution_major_version == "8" - #tags: download - name: Install /etc/monitrc from template template: diff --git a/roles/mosquitto/tasks/install.yml b/roles/mosquitto/tasks/install.yml index aaf10bd3d..695a8d9f2 100644 --- a/roles/mosquitto/tasks/install.yml +++ b/roles/mosquitto/tasks/install.yml @@ -5,7 +5,6 @@ with_items: - mosquitto - mosquitto-clients - #tags: download - name: Disable & Stop 'mosquitto' service systemd: diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index e3409ac24..8af6a95aa 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -59,7 +59,7 @@ value: Munin - option: description value: '"Munin is a networked resource monitoring tool that can help analyze resource trends and ''what just happened to kill our performance?'' problems."' - - option: installed + - option: install value: "{{ munin_install }}" - option: enabled value: "{{ munin_enabled }}" diff --git a/roles/network/tasks/computed_network.yml b/roles/network/tasks/computed_network.yml index e3c7203f8..5e78b7714 100644 --- a/roles/network/tasks/computed_network.yml +++ b/roles/network/tasks/computed_network.yml @@ -178,7 +178,6 @@ regexp: '^IIAB_WAN_DEVICE=*' line: 'IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"' when: not installing #REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml - #tags: network - name: Record IIAB_LAN_DEVICE to {{ iiab_env_file }} lineinfile: @@ -187,7 +186,6 @@ line: 'IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"' state: present when: not installing #REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml - #tags: network - name: Add 'computed_network' variable values to {{ iiab_ini_file }} ini_file: diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index 9d4c9345e..fba41efe9 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -2,7 +2,6 @@ package: name: dansguardian state: present - #tags: download - name: Install /etc/dansguardian/dansguardian.conf from template (Fedora) template: diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index 68f68a44d..140d5b8f4 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -84,7 +84,6 @@ src: network/wifi-slave.j2 dest: "/etc/sysconfig/network-scripts/ifcfg-{{ iiab_wireless_lan_iface }}" when: iiab_lan_iface == "br0" and iiab_wireless_lan_iface != "none" - #tags: network - include_tasks: enable_wan.yml when: not installing and not iiab_demo_mode diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 31e9ef1e4..4e0b7e026 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,6 +1,5 @@ - include_tasks: detected_network.yml when: not installing # REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml - #tags: network, network-discover # REMOVE SUCH LINES (BELOW TOO) AS WE'RE IN "network" ? - name: IF WIFI IS PRIMARY GATEWAY, PLEASE RUN 'iiab-hotspot-on' MANUALLY set_fact: @@ -27,10 +26,8 @@ - include_tasks: computed_network.yml when: not installing #REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml - #tags: network, network-discover - include_tasks: hostapd.yml - #tags: network, AP #- name: RPi - don't reboot to AP post install - installed via wifi - don't blow away current network # set_fact: @@ -44,12 +41,10 @@ ##### End static ip address info #- include_tasks: hosts.yml -# tags: network, hostname, domain - name: Configure wondershaper include_tasks: wondershaper.yml when: wondershaper_install or wondershaper_installed is defined - #tags: network, wondershaper - name: (Re)Install named include_tasks: named.yml @@ -65,13 +60,10 @@ #### start services - include_tasks: avahi.yml - #tags: network - include_tasks: computed_services.yml - #tags: network, named, dhcpd, dnsmasq, squid - include_tasks: enable_services.yml - #tags: network, named, dhcpd, dnsmasq, squid #### end services #### Start network layout @@ -79,40 +71,33 @@ include_tasks: ifcfg_mods.yml when: is_redhat | bool #and not installing - #tags: network - name: Netplan in use on Ubuntu 18.04+ include_tasks: netplan.yml when: is_ubuntu and not is_ubuntu_16 #when: is_ubuntu_18 | bool #and not installing - #tags: network - name: NetworkManager in use include_tasks: NM-debian.yml when: is_debuntu and network_manager_active #and not installing - #tags: network - name: systemd-networkd in use include_tasks: sysd-netd-debian.yml when: is_debuntu and systemd_networkd_active #and not installing - #tags: network - name: RPi's have dhcpcd in use include_tasks: rpi_debian.yml when: is_debuntu and is_rpi #and not installing - #tags: network - name: Not RPi, Not NetworkManager, Not systemd-networkd in use include_tasks: debian.yml when: (not is_rpi and not network_manager_active and not systemd_networkd_active and is_debuntu) or is_ubuntu_16 #and not installing - #tags: network #### end network layout - include_tasks: restart.yml when: not installing - #tags: network, named, dhcpd, dnsmasq, squid, AP diff --git a/roles/osm-vector-maps/tasks/main.yml b/roles/osm-vector-maps/tasks/main.yml index 2fba601a5..9aeb1945e 100644 --- a/roles/osm-vector-maps/tasks/main.yml +++ b/roles/osm-vector-maps/tasks/main.yml @@ -43,7 +43,7 @@ value: OSM Vector Maps - option: description value: '"OpenStreetMap is like Google Maps but better, for schools especially, as it works offline and avoids all the advertising. Download detailed ''vector maps'' for an entire continent, or the entire world! Also includes 10+ zoom levels of satellite imagery!"' - - option: installed + - option: install value: "{{ osm_vector_maps_install }}" - option: enabled value: "{{ osm_vector_maps_enabled }}" diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index df377b2bc..50a4bbc3e 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -125,7 +125,7 @@ value: PostgreSQL - option: description value: '"PostgreSQL is a powerful, open source object-relational database system."' - - option: installed + - option: install value: "{{ postgresql_install }}" - option: enabled value: "{{ postgresql_enabled }}" diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index c613f691c..b11fd4572 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -2,7 +2,6 @@ - debug: var: nodejs_install - - debug: var: nodejs_enabled diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 0303d0e46..ad33cc15e 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -2,7 +2,6 @@ package: name: vnstat state: present - #tags: download - name: Install /etc/vnstat.conf from template template: @@ -53,7 +52,7 @@ value: vnStat - option: description value: '"vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s)."' - - option: installed + - option: install value: "{{ vnstat_install }}" - option: enabled value: "{{ vnstat_enabled }}" From 210200e85c0495618588618ac710356dd565b7f5 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 30 Jan 2020 05:06:22 -0500 Subject: [PATCH 44/45] Spacing/Comment in roles/network/tasks/main.yml --- roles/network/tasks/main.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 4e0b7e026..0b79b9acb 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -58,15 +58,16 @@ include_tasks: squid.yml when: squid_install and FQDN_changed and iiab_stage|int == 9 -#### start services +#### Start services + - include_tasks: avahi.yml - - include_tasks: computed_services.yml - - include_tasks: enable_services.yml -#### end services +#### End services + #### Start network layout + - name: Redhat networking include_tasks: ifcfg_mods.yml when: is_redhat | bool @@ -99,5 +100,6 @@ #and not installing #### end network layout + - include_tasks: restart.yml - when: not installing + when: not installing # REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml From bb0a7842d00eb046ead899529e1fb72e0f7eb354 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 30 Jan 2020 09:56:37 -0500 Subject: [PATCH 45/45] Temp: illustrate vars as non-meta dependency mechanism evolves --- roles/moodle/tasks/install.yml | 9 ++++++++- roles/nodered/tasks/install.yml | 25 ++++++++++++++++++++++++- roles/pbx/tasks/main.yml | 17 +++++++++++++++++ roles/samba/tasks/main.yml | 8 ++++---- roles/sugarizer/tasks/install.yml | 4 ++++ 5 files changed, 57 insertions(+), 6 deletions(-) diff --git a/roles/moodle/tasks/install.yml b/roles/moodle/tasks/install.yml index 270b5913b..4283312c0 100644 --- a/roles/moodle/tasks/install.yml +++ b/roles/moodle/tasks/install.yml @@ -1,4 +1,11 @@ -- name: "Set PostgreSQL vars 'postgresql_install: True' and 'postgresql_enabled: True'" +- debug: + var: postgresql_install +- debug: + var: postgresql_enabled +- debug: + var: postgresql_installed + +- name: "Set 'postgresql_install: True' and 'postgresql_enabled: True'" set_fact: postgresql_install: True postgresql_enabled: True diff --git a/roles/nodered/tasks/install.yml b/roles/nodered/tasks/install.yml index 8944491f6..80551feac 100644 --- a/roles/nodered/tasks/install.yml +++ b/roles/nodered/tasks/install.yml @@ -1,10 +1,33 @@ # 2019-01-16: @jvonau's PR #1403 moved installation of Node.js (8.x for now) & # npm to roles/nodejs/tasks/main.yml +- debug: + var: nodejs_install +- debug: + var: nodejs_enabled +- debug: + var: nodejs_installed + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: + nodejs_install: True + nodejs_enabled: True + +# 2020-01-04 no longer triggered by roles/nodered/meta/main.yml - name: NODEJS - run the 'nodejs' role include_role: name: nodejs -# 2020-01-04 no longer triggered by roles/nodered/meta/main.yml + +- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined + fail: + msg: "Sugarizer install cannot proceed, as Node.js failed to install." + when: nodejs_installed is undefined + +- name: FAIL (STOP THE INSTALL) IF nodejs_version != "12.x" + fail: + msg: "Sugarizer install cannot proceed, as it currently requires Node.js 12.x, and your nodejs_version appears to be {{ nodejs_version }}. Please check the value of nodejs_version in /opt/iiab/iiab/vars/default_vars.yml, /etc/iiab/local_vars.yml, /opt/iiab/iiab/roles/nodejs, etc!" + when: nodejs_version != "12.x" + # BRUTAL but ensures consistency across OS's / distros like Raspbian Desktop & # Ubermix that often include an older version of Node-RED. Brutal, as this diff --git a/roles/pbx/tasks/main.yml b/roles/pbx/tasks/main.yml index 50752065f..bdcc26c51 100644 --- a/roles/pbx/tasks/main.yml +++ b/roles/pbx/tasks/main.yml @@ -1,7 +1,24 @@ +- debug: + var: nodejs_install +- debug: + var: nodejs_enabled +- debug: + var: nodejs_installed + +- name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" + set_fact: + nodejs_install: True + nodejs_enabled: True + - name: NODEJS - run the 'nodejs' role include_role: name: nodejs +- name: FAIL (STOP THE INSTALL) IF nodejs_installed is undefined + fail: + msg: "PBX install cannot proceed, as Node.js failed to install." + when: nodejs_installed is undefined + - name: Fail if nodejs_version is incorrect fail: msg: >- diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index be0022ca3..17e80938f 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -41,28 +41,28 @@ line: 'samba_installed: True' -- name: Enable & Start Samba ({{ smb_service }}) systemd service, if samba_enabled +- name: Enable & Start Samba systemd service ({{ smb_service }}) if samba_enabled service: name: "{{ smb_service }}" state: started enabled: yes when: samba_enabled | bool -- name: Enable & Start NetBIOS name server ({{ nmb_service }}) if samba_enabled +- name: Enable & Start NetBIOS name service ({{ nmb_service }}) if samba_enabled service: name: "{{ nmb_service }}" state: started enabled: yes when: samba_enabled | bool -- name: Disable & Stop Samba ({{ smb_service }}) systemd service, if not samba_enabled +- name: Disable & Stop Samba systemd service ({{ smb_service }}) if not samba_enabled systemd: name: "{{ smb_service }}" state: stopped enabled: no when: not samba_enabled -- name: Disable & Stop NetBIOS name server ({{ nmb_service }}) if not samba_enabled +- name: Disable & Stop NetBIOS name service ({{ nmb_service }}) if not samba_enabled systemd: name: "{{ nmb_service }}" state: stopped diff --git a/roles/sugarizer/tasks/install.yml b/roles/sugarizer/tasks/install.yml index b11fd4572..90e6ad1fb 100644 --- a/roles/sugarizer/tasks/install.yml +++ b/roles/sugarizer/tasks/install.yml @@ -4,6 +4,8 @@ var: nodejs_install - debug: var: nodejs_enabled +- debug: + var: nodejs_installed - name: "Set 'nodejs_install: True' and 'nodejs_enabled: True'" set_fact: @@ -29,6 +31,8 @@ var: mongodb_install - debug: var: mongodb_enabled +- debug: + var: mongodb_installed - name: "Set 'mongodb_install: True' and 'mongodb_enabled: True'" set_fact: