From 53041a83f76806d0881994f8bab3ed9a9d0bfe1c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:32:58 -0500 Subject: [PATCH 01/49] timeout: "{{ download_timeout }}" --- roles/nodogsplash/tasks/rpi.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/nodogsplash/tasks/rpi.yml b/roles/nodogsplash/tasks/rpi.yml index 0354a708f..6a320a901 100644 --- a/roles/nodogsplash/tasks/rpi.yml +++ b/roles/nodogsplash/tasks/rpi.yml @@ -7,9 +7,10 @@ get_url: url: "{{ iiab_download_url }}/{{ nodogsplash_arm_deb }}" dest: "{{ downloads_dir }}/{{ nodogsplash_arm_deb }}" + timeout: "{{ download_timeout }}" when: internet_available - async: 300 - poll: 5 + #async: 300 + #poll: 5 - name: Install nodogsplash apt: From 7e92a56710684baada1962cbb1e23966463f6b9a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:33:52 -0500 Subject: [PATCH 02/49] Update main.yml --- roles/kiwix/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/kiwix/tasks/main.yml b/roles/kiwix/tasks/main.yml index 82926db84..7658a8df1 100644 --- a/roles/kiwix/tasks/main.yml +++ b/roles/kiwix/tasks/main.yml @@ -27,6 +27,7 @@ get_url: url: "{{ iiab_download_url }}/{{ kiwix_src_file }}" dest: "{{ downloads_dir }}/{{ kiwix_src_file }}" + timeout: "{{ download_timeout }}" when: internet_available - name: Check for /opt/iiab/downloads/{{ kiwix_src_file }} From 75b0dd5e2e0162ec0cf589ff6f2bddcd8e6e3ac3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:40:41 -0500 Subject: [PATCH 03/49] Update install.yml --- roles/dokuwiki/tasks/install.yml | 41 ++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 12 deletions(-) diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 815a23d9e..00814cb08 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,31 +1,48 @@ - name: Get the DokuWiki software - get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest={{ downloads_dir }}/ + get_url: + url: "{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" + dest: "{{ downloads_dir }}/" + timeout: "{{ download_timeout }}" when: internet_available - name: Copy it to permanent location /library - unarchive: src={{ downloads_dir }}/{{ dokuwiki_version }}.tgz dest=/library creates=/library/{{ dokuwiki_version }}/VERSION + unarchive: + src: "{{ downloads_dir }}/{{ dokuwiki_version }}.tgz" + dest: /library + creates: "/library/{{ dokuwiki_version }}/VERSION" - name: Symlink /library/dokuwiki* to /library/dokuwiki shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi - name: Install config file for DokuWiki in Apache - template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf + template: + src: dokuwiki.conf.j2 + dest: "/etc/{{ apache_config_dir }}/dokuwiki.conf" when: dokuwiki_enabled -- name: Enable the DokuWiki - file: path=/etc/apache2/sites-enabled/dokuwiki.conf - src=/etc/apache2/sites-available/dokuwiki.conf - state=link +- name: Enable the DokuWiki (debuntu) + file: + src: /etc/apache2/sites-available/dokuwiki.conf + dest: /etc/apache2/sites-enabled/dokuwiki.conf + state: link when: dokuwiki_enabled and is_debuntu -- name: Disable the DokuWiki - file: path=/etc/apache2/sites-enabled/dokuwiki.conf - state=absent +- name: Disable the DokuWiki (debuntu) + file: + path: /etc/apache2/sites-enabled/dokuwiki.conf + state: absent when: not dokuwiki_enabled and is_debuntu - name: Change permissions on engine directory so Apache can write - file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes + file: + path: "/library/{{ dokuwiki_version }}" + owner: "{{ apache_user }}" + mode: 0755 + state: directory + recurse: yes - name: Restart Apache, so it picks up the new aliases - service: name={{ apache_service }} state=restarted + service: + name: "{{ apache_service }}" + state: restarted From 8f0f8d6ce54047b0742aebbf966c5cc49521f318 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:43:03 -0500 Subject: [PATCH 04/49] Update rpi.yml --- roles/nodogsplash/tasks/rpi.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/nodogsplash/tasks/rpi.yml b/roles/nodogsplash/tasks/rpi.yml index 6a320a901..537c6bf30 100644 --- a/roles/nodogsplash/tasks/rpi.yml +++ b/roles/nodogsplash/tasks/rpi.yml @@ -59,11 +59,11 @@ option: "{{ item.option }}" value: "{{ item.value }}" with_items: - - option: name - value: nodogsplash - - option: description - value: '"Nodogsplash is a lightweight Captive Portal."' - - option: source - value: "{{ nodogsplash_arm_deb }}" - - option: enabled - value: "{{ nodogsplash_enabled }}" + - option: name + value: nodogsplash + - option: description + value: '"Nodogsplash is a lightweight Captive Portal."' + - option: source + value: "{{ nodogsplash_arm_deb }}" + - option: enabled + value: "{{ nodogsplash_enabled }}" From d9659bc7fd03985a305ef6efff0b77ae9a446d4f Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:49:24 -0500 Subject: [PATCH 05/49] Update install.yml --- roles/wordpress/tasks/install.yml | 115 +++++++++++++++++------------- 1 file changed, 64 insertions(+), 51 deletions(-) diff --git a/roles/wordpress/tasks/install.yml b/roles/wordpress/tasks/install.yml index 03f64b68e..2fcdf7868 100644 --- a/roles/wordpress/tasks/install.yml +++ b/roles/wordpress/tasks/install.yml @@ -15,6 +15,7 @@ get_url: url: "{{ wordpress_download_base_url }}/{{ wordpress_src }}" dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" # force: yes # backup: yes register: wp_download_output @@ -61,66 +62,78 @@ command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +" - name: Copy wp salt values - copy: src=wp-keys.php.BAK - dest={{ wp_abs_path }}/wp-keys.php.BAK - owner=root - group={{ apache_user }} - mode=0640 + copy: + src: wp-keys.php.BAK + dest: "{{ wp_abs_path }}/wp-keys.php.BAK" + owner: root + group: "{{ apache_user }}" + mode: 0640 # Fetch random salts for WordPress config into wp-keys.php file by generating script and running - name: Create wp salt script - template: src=get-iiab-wp-salts.j2 - dest=/tmp/get-iiab-wp-salts - owner=root - group=root - mode=0700 + template: + src: get-iiab-wp-salts.j2 + dest: /tmp/get-iiab-wp-salts + owner: root + group: root + mode: 0700 - name: Run wp salt script to create /library/wordpress/wp-keys.php command: /tmp/get-iiab-wp-salts - name: Cleanup - remove wp salt script - file: path=/tmp/get-iiab-wp-salts - state=absent + file: + path: /tmp/get-iiab-wp-salts + state: absent - name: MySQL database needs to be running if we are trying to create a new db - service: state=started - name='{{ mysql_service }}' + service: + state: started + name: "{{ mysql_service }}" - name: Create MySQL wordpress database - mysql_db: name={{ wp_db_name }} - state=present + mysql_db: + name: "{{ wp_db_name }}" + state: present - name: Create MySQL wordpress database user - mysql_user: name={{ wp_db_user }} - password={{ wp_db_user_password }} - priv={{ wp_db_name }}.*:ALL,GRANT - state=present + mysql_user: + name: "{{ wp_db_user }}" + password: "{{ wp_db_user_password }}" + priv: "{{ wp_db_name }}.*:ALL,GRANT" + state: present - name: Copy WordPress config file - template: src=wp-config.php.j2 - dest={{ wp_abs_path }}/wp-config.php - owner=root - group={{ apache_user }} - mode=0660 + template: + src: wp-config.php.j2 + dest: "{{ wp_abs_path }}/wp-config.php" + owner: root + group: "{{ apache_user }}" + mode: 0660 - name: Copy WordPress httpd conf file - template: src=wordpress.conf.j2 - dest=/etc/{{ apache_config_dir }}/wordpress.conf + template: + src: wordpress.conf.j2 + dest: "/etc/{{ apache_config_dir }}/wordpress.conf" - name: Enable httpd conf file if we are disabled (debuntu) - file: path=/etc/apache2/sites-enabled/wordpress.conf - src=/etc/apache2/sites-available/wordpress.conf - state=link + file: + src: /etc/apache2/sites-available/wordpress.conf + dest: /etc/apache2/sites-enabled/wordpress.conf + state: link when: wordpress_enabled and is_debuntu - name: Remove httpd conf file if we are disabled (OS's other than debuntu) - file: path=/etc/apache2/sites-enabled/wordpress.conf - state=absent + file: + path: /etc/apache2/sites-enabled/wordpress.conf + state: absent when: not wordpress_enabled and is_debuntu - name: Restart Apache, so it picks up the new aliases - service: name={{ apache_service }} state=restarted + service: + name: "{{ apache_service }}" + state: restarted - name: Add 'wordpress' to list of services at /etc/iiab/iiab.ini ini_file: @@ -129,21 +142,21 @@ option: "{{ item.option }}" value: "{{ item.value }}" with_items: - - option: name - value: WordPress - - option: description - value: '"WordPress is a blog and web site management application."' - - option: wordpress_src - value: "{{ wordpress_src }}" - - option: wp_abs_path - value: "{{ wp_abs_path }}" - - option: wp_db_name - value: "{{ wp_db_name }}" - - option: wp_db_user - value: "{{ wp_db_user }}" - - option: wp_url - value: "{{ wp_url }}" - - option: wp_full_url - value: "{{ wp_full_url }}" - - option: wordpress_enabled - value: "{{ wordpress_enabled }}" + - option: name + value: WordPress + - option: description + value: '"WordPress is a blog and web site management application."' + - option: wordpress_src + value: "{{ wordpress_src }}" + - option: wp_abs_path + value: "{{ wp_abs_path }}" + - option: wp_db_name + value: "{{ wp_db_name }}" + - option: wp_db_user + value: "{{ wp_db_user }}" + - option: wp_url + value: "{{ wp_url }}" + - option: wp_full_url + value: "{{ wp_full_url }}" + - option: wordpress_enabled + value: "{{ wordpress_enabled }}" From 2a4f2ac64a5e5833b110e9941c0863acc8f9ae66 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 00:52:19 -0500 Subject: [PATCH 06/49] Update packages.yml --- roles/2-common/tasks/packages.yml | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index 4634d3c5c..e2d8f5610 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -1,6 +1,7 @@ - name: Install yum packages (redhat) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - yum-utils - createrepo @@ -13,19 +14,21 @@ - avahi-tools when: is_redhat -- name: Download usbmount -- not in Debian Stretch (debian-9) +- name: Download usbmount -- not in Debian Stretch (debian_9) get_url: url: "{{ iiab_download_url }}/usbmount_0.0.14.1_all.deb" dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" when: is_debian_9 -- name: Install usbmount (debian-9) +- name: Install usbmount (debian_9) command: apt install -y {{ downloads_dir }}/usbmount_0.0.14.1_all.deb when: is_debian_9 - name: Install packages (debuntu) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - inetutils-syslogd - wpasupplicant @@ -37,8 +40,9 @@ when: is_debuntu - name: Install common packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - acpid - mlocate @@ -74,8 +78,9 @@ # command: python {{ downloads_dir }}/get-pip.py - name: Install common Python packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - python-pip - python-setuptools From 29fe74652be00cd4e5ee8f749ed1dca59bd00f4d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:05:03 -0500 Subject: [PATCH 07/49] Update xo.yml --- roles/2-common/tasks/xo.yml | 154 ++++++++++++++++++++---------------- 1 file changed, 87 insertions(+), 67 deletions(-) diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index 168f978bc..a43dabd88 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -3,31 +3,36 @@ - name: Disable sleep command: touch /etc/powerd/flags/inhibit-suspend - creates=/etc/powerd/flags/inhibit-suspend + args: + creates: /etc/powerd/flags/inhibit-suspend - name: Disable sleep on lid closing - lineinfile: dest=/etc/powerd/powerd.conf - regexp='^config_SLEEP_WHEN_LID_CLOSED' - line='config_SLEEP_WHEN_LID_CLOSED="no"' - state=present - backup=yes + lineinfile: + dest: /etc/powerd/powerd.conf + regexp: '^config_SLEEP_WHEN_LID_CLOSED' + line: 'config_SLEEP_WHEN_LID_CLOSED="no"' + state: present + backup: yes - name: Keep yum cache - ini_file: dest=/etc/yum.conf - section=main - option=keepcache - value=1 + ini_file: + dest: /etc/yum.conf + section: main + option: keepcache + value: 1 when: not installing - name: Keep docs when installing packages - lineinfile: backup=yes - dest=/etc/rpm/macros.imgcreate - regexp='^%_excludedocs' - state=absent + lineinfile: + backup: yes + dest: /etc/rpm/macros.imgcreate + regexp: '^%_excludedocs' + state: absent - name: Pre-install packages - package: name={{ item }} - state=latest + package: + name: "{{ item }}" + state: latest with_items: - usbmount - man @@ -39,77 +44,91 @@ when: not osbuilder is defined - name: Configure networkmanager plugin - ini_file: dest=/etc/NetworkManager/NetworkManager.conf - section=main - option=plugins - value=ifcfg-rh,keyfile + ini_file: + dest: /etc/NetworkManager/NetworkManager.conf + section: main + option: plugins + value: ifcfg-rh,keyfile - name: Check for modem config file - stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection" + stat: + path: /etc/NetworkManager/system-connections/"Sugar Modem Connection" register: config - name: Change failure and interval settings for modem connection - ini_file: dest=/etc/NetworkManager/system-connections/"Sugar Modem Connection" - section=ppp - option={{ item.option }} - value={{ item.value }} - backup=yes - mode=0600 + ini_file: + dest: /etc/NetworkManager/system-connections/"Sugar Modem Connection" + section: ppp + option: "{{ item.option }}" + value: "{{ item.value }}" + backup: yes + mode: 0600 with_items: - - { option: 'lcp-echo-failure', value: '5' } - - { option: 'lcp-echo-interval', value: '30' } + - { option: 'lcp-echo-failure', value: '5' } + - { option: 'lcp-echo-interval', value: '30' } when: config.stat.exists - name: Create bigger rwtab - lineinfile: backup=yes - dest=/etc/sysconfig/readonly-root - regexp='^RW_OPTIONS' - line='RW_OPTIONS="-o size=4M -o nr_inodes=2048"' - state=present + lineinfile: + backup: yes + dest: /etc/sysconfig/readonly-root + regexp: '^RW_OPTIONS' + line: 'RW_OPTIONS="-o size=4M -o nr_inodes=2048"' + state: present - name: Remove dhcpd entry from /etc/rwtab - lineinfile: backup=yes - dest=/etc/rwtab - regexp='^empty.*/var/lib/dhcpd' - state=absent + lineinfile: + backup: yes + dest: /etc/rwtab + regexp: '^empty.*/var/lib/dhcpd' + state: absent - name: Remove php entry from /etc/rwtab - lineinfile: backup=yes - dest=/etc/rwtab - regexp='^empty.*/var/lib/php' - state=absent + lineinfile: + backup: yes + dest: /etc/rwtab + regexp: '^empty.*/var/lib/php' + state: absent - name: Persist /etc/hosts between reboots - lineinfile: backup=yes - dest=/etc/statetab.d/olpc - regexp='^/etc/hosts' - state=absent + lineinfile: + backup: yes + dest: /etc/statetab.d/olpc + regexp: '^/etc/hosts' + state: absent - name: Disable /var/log tmpfs - lineinfile: backup=yes - dest=/etc/fstab - regexp='^varlog.*' - state=absent + lineinfile: + backup: yes + dest: /etc/fstab + regexp: '^varlog.*' + state: absent - name: Enlarge the /tmp directory so that url_get does not error out - lineinfile: backup=yes - dest=/etc/fstab - regexp='^/tmp*' - line='/tmp /tmp tmpfs rw,size=600m 0 0' + lineinfile: + backup: yes + dest: /etc/fstab + regexp: '^/tmp*' + line: '/tmp /tmp tmpfs rw,size=600m 0 0' - name: Disable graphical login - file: path=/etc/systemd/system/default.target - src=/lib/systemd/system/multi-user.target - state=link + file: + src: /lib/systemd/system/multi-user.target + dest: /etc/systemd/system/default.target + state: link register: disabled_login - name: Remove custom profile settings - file: path=/etc/profile.d/zzz_olpc.sh - state=absent + file: + path: /etc/profile.d/zzz_olpc.sh + state: absent - name: Download substitute software for i386 on FC18 XO1.5 - get_url: url="{{ iiab_download_url }}/{{ item }}" dest={{ downloads_dir }}/{{ item }} + get_url: + url: "{{ iiab_download_url }}/{{ item }}" + dest: "{{ downloads_dir }}/{{ item }}" + timeout: "{{ download_timeout }}" with_items: - hostapd_8188_i386 when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available @@ -117,13 +136,14 @@ - xo - name: Put the substitute in place - copy: src={{ downloads_dir }}/hostapd_8188_i386 - dest=/usr/sbin/hostapd - backup=yes - mode=0775 - owner=root - group=root - when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" + copy: + src: "{{ downloads_dir }}/hostapd_8188_i386" + dest: /usr/sbin/hostapd + backup: yes + mode: 0775 + owner: root + group: root + when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" - name: Reboot system command: /sbin/reboot From b739c8b00a7693c34477b5e677d226dc29e69dd9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:07:01 -0500 Subject: [PATCH 08/49] Update create-db.yml --- roles/calibre/tasks/create-db.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/calibre/tasks/create-db.yml b/roles/calibre/tasks/create-db.yml index be3c47f8f..f630f8b2e 100644 --- a/roles/calibre/tasks/create-db.yml +++ b/roles/calibre/tasks/create-db.yml @@ -13,6 +13,7 @@ get_url: url: "{{ iiab_download_url }}/{{ calibre_sample_book }}" dest: "{{ content_base }}/downloads" + timeout: "{{ download_timeout }}" when: internet_available and not sample_bk.stat.exists - name: Check if sample book exists in /opt/iiab/downloads From 4ad1d22d8861910b8c72b8e546ee8b54aca93e04 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:07:49 -0500 Subject: [PATCH 09/49] Update py-installer.yml --- roles/calibre/tasks/py-installer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/calibre/tasks/py-installer.yml b/roles/calibre/tasks/py-installer.yml index 4480405ea..96c3162e5 100644 --- a/roles/calibre/tasks/py-installer.yml +++ b/roles/calibre/tasks/py-installer.yml @@ -8,6 +8,7 @@ mode: 0755 force: yes backup: yes + timeout: "{{ download_timeout }}" register: calibre_download_output when: internet_available From 67c0b1113334163a2c6019ea936d035e371ec76d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:16:51 -0500 Subject: [PATCH 10/49] Update main.yml --- roles/1-prep/tasks/main.yml | 55 +++++++++++++++++++++++-------------- 1 file changed, 34 insertions(+), 21 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 84e210854..03f94ea46 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -4,16 +4,20 @@ command: echo - name: Get the uuidgen program - package: name=uuid-runtime - state=present + package: + name: uuid-runtime + state: present when: is_debuntu - name: Test for /etc/iiab/uuid file - stat: path=/etc/iiab/uuid + stat: + path: /etc/iiab/uuid register: uuid_file - name: Create folder to hold uuid - file: path=/etc/iiab state=directory + file: + path: /etc/iiab + state: directory when: not uuid_file.stat.exists - name: If no uuid exists, create one @@ -31,30 +35,36 @@ - name: Get the value into a variable set_fact: - uuid={{ stored_uuid.stdout_lines[0] }} + uuid: "{{ stored_uuid.stdout_lines[0] }}" # for rpi, without rtc, we need time as soon as possible - name: Install chrony package - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - - chrony + - chrony tags: - download #TODO: Use regexp filter instead of hard-code ip - name: Update chrony config file - template: backup=no - dest=/etc/chrony.conf - src=chrony.conf.j2 + template: + backup: no + dest: /etc/chrony.conf + src: chrony.conf.j2 - name: Disable AppArmor -- on by default in Ubuntu - service: name=apparmor enabled=False state=stopped + service: + name: apparmor + enabled: False + state: stopped when: is_ubuntu ignore_errors: true - name: Disable SELinux on next boot - selinux: state=disabled + selinux: + state: disabled register: selinux_disabled when: not is_debuntu @@ -68,19 +78,22 @@ when: first_run and rpi_model != "none" - name: Check if the identifier for Intel's NUC6 builtin WiFi is present - shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'" + shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'" register: usb_NUC6 ignore_errors: true - name: Download the firmware for built-in WiFi on NUC6 - get_url: dest=/lib/firmware - url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode + get_url: + dest: /lib/firmware + url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" + timeout: "{{ download_timeout }}" when: usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location - name: Recording STAGE 1 HAS COMPLETED ============================ - template: src=roles/1-prep/templates/iiab.env.j2 - dest=/etc/iiab/iiab.env - owner=root - group=root - mode=0644 + template: + src: roles/1-prep/templates/iiab.env.j2 + dest: /etc/iiab/iiab.env + owner: root + group: root + mode: 0644 From 772aeb5d28402b0d393fca7ffb982e1beee39318 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:20:01 -0500 Subject: [PATCH 11/49] Update main.yml --- roles/sugarizer/tasks/main.yml | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/roles/sugarizer/tasks/main.yml b/roles/sugarizer/tasks/main.yml index f81005737..e75c871c8 100644 --- a/roles/sugarizer/tasks/main.yml +++ b/roles/sugarizer/tasks/main.yml @@ -2,6 +2,8 @@ get_url: url: "{{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz" dest: "{{ downloads_dir }}/{{ sugarizer_version }}.tar.gz" + timeout: "{{ download_timeout }}" + when: internet_available - name: Untar to /library/www/html/{{ sugarizer_version }} unarchive: @@ -40,12 +42,13 @@ # attempting to reinstall npm is broken on Raspbian 9 - name: Check for Sugarizer already installed - stat: path={{ sugarizer_location }}/sugarizer/server/node_modules + stat: + path: "{{ sugarizer_location }}/sugarizer/server/node_modules" register: npm - name: Set a flag to abort second attempt to install set_fact: - npm_exists: True + npm_exists: True when: npm.stat.exists is defined and npm.stat.exists - name: Create systemd files and copy our ini file @@ -56,8 +59,8 @@ group: root mode: 0644 with_items: - - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} - - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' } + - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'} + - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' } # - { src: 'sugarizer.conf' , dest: '/etc/apache2/sites-available' } #- name: Create the symlink enabling the rewrite @@ -68,14 +71,14 @@ - name: Create the express framework for Node.js (OS's other than Fedora 18) shell: npm install args: - chdir: "{{ sugarizer_location }}/sugarizer/server" - creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" + chdir: "{{ sugarizer_location }}/sugarizer/server" + creates: "{{ sugarizer_location }}/sugarizer/server/node_modules" when: not is_F18 and not npm_exists - name: Create the express framework for Node.js (Fedora 18) shell: npm install args: - chdir: "{{ sugarizer_location }}/sugarizer/server" + chdir: "{{ sugarizer_location }}/sugarizer/server" when: is_F18 and not npm_exists - name: Enable services (all OS's) @@ -84,7 +87,7 @@ enabled: yes state: restarted with_items: - - { name: sugarizer } + - { name: sugarizer } when: sugarizer_enabled - name: Disable services (all OS's) @@ -103,9 +106,9 @@ option: "{{ item.option }}" value: "{{ item.value }}" with_items: - - option: name - value: Sugarizer - - option: description - value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' - - option: enabled - value: "{{ sugarizer_enabled }}" + - option: name + value: Sugarizer + - option: description + value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."' + - option: enabled + value: "{{ sugarizer_enabled }}" From 90351bb6a876884f4cafc3e81b626a38a8da1637 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:21:21 -0500 Subject: [PATCH 12/49] Update main.yml --- roles/1-prep/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/tasks/main.yml b/roles/1-prep/tasks/main.yml index 03f94ea46..37df72fcf 100644 --- a/roles/1-prep/tasks/main.yml +++ b/roles/1-prep/tasks/main.yml @@ -84,10 +84,10 @@ - name: Download the firmware for built-in WiFi on NUC6 get_url: - dest: /lib/firmware url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode" + dest: /lib/firmware timeout: "{{ download_timeout }}" - when: usb_NUC6.stdout|int > 0 + when: internet_available and usb_NUC6.stdout|int > 0 # this script can be sourced to get IIAB location - name: Recording STAGE 1 HAS COMPLETED ============================ From 7363a99c90d9252b2c904d83093faa781c3a6c11 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:22:54 -0500 Subject: [PATCH 13/49] Update xo.yml --- roles/2-common/tasks/xo.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml index a43dabd88..c9fb0d8ea 100644 --- a/roles/2-common/tasks/xo.yml +++ b/roles/2-common/tasks/xo.yml @@ -34,10 +34,10 @@ name: "{{ item }}" state: latest with_items: - - usbmount - - man - - man-db - - man-pages + - usbmount + - man + - man-db + - man-pages - name: Re-install packages shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum @@ -130,8 +130,8 @@ dest: "{{ downloads_dir }}/{{ item }}" timeout: "{{ download_timeout }}" with_items: - - hostapd_8188_i386 - when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available + - hostapd_8188_i386 + when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available tags: - xo From 2cb717366568e3440771a0f78107abafb7a8977c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:25:19 -0500 Subject: [PATCH 14/49] Update packages.yml --- roles/2-common/tasks/packages.yml | 78 +++++++++++++++---------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/roles/2-common/tasks/packages.yml b/roles/2-common/tasks/packages.yml index e2d8f5610..05c38f359 100644 --- a/roles/2-common/tasks/packages.yml +++ b/roles/2-common/tasks/packages.yml @@ -3,15 +3,15 @@ name: "{{ item }}" state: present with_items: - - yum-utils - - createrepo - - wpa_supplicant - - linux-firmware - - syslog - - xml-common - - nss-mdns - - avahi - - avahi-tools + - yum-utils + - createrepo + - wpa_supplicant + - linux-firmware + - syslog + - xml-common + - nss-mdns + - avahi + - avahi-tools when: is_redhat - name: Download usbmount -- not in Debian Stretch (debian_9) @@ -19,7 +19,7 @@ url: "{{ iiab_download_url }}/usbmount_0.0.14.1_all.deb" dest: "{{ downloads_dir }}" timeout: "{{ download_timeout }}" - when: is_debian_9 + when: internet_available and is_debian_9 - name: Install usbmount (debian_9) command: apt install -y {{ downloads_dir }}/usbmount_0.0.14.1_all.deb @@ -44,32 +44,32 @@ name: "{{ item }}" state: present with_items: - - acpid - - mlocate - - rsync - - htop - - etckeeper - - python-passlib - - usbmount - - net-tools - - openssh-server - - sudo - - logrotate - - make - - tar - - unzip - - bzip2 - - i2c-tools - - bridge-utils - - usbutils - - hostapd - - wget - - openssl #FC 18 does not supply, but pear requires - - gawk - - curl - - pandoc - - lynx - - ntfs-3g + - acpid + - mlocate + - rsync + - htop + - etckeeper + - python-passlib + - usbmount + - net-tools + - openssh-server + - sudo + - logrotate + - make + - tar + - unzip + - bzip2 + - i2c-tools + - bridge-utils + - usbutils + - hostapd + - wget + - openssl #FC 18 does not supply, but pear requires + - gawk + - curl + - pandoc + - lynx + - ntfs-3g #- name: Install pip as a commonly required package management system # command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py @@ -82,9 +82,9 @@ name: "{{ item }}" state: present with_items: - - python-pip - - python-setuptools - - python-virtualenv + - python-pip + - python-setuptools + - python-virtualenv # instructions state to start with a fully updated system before starting, stop using # ansible as a crutch for developers not following the directions and taking short-cuts From 00bcb85924e83d08e26945ec44d31053dc1389ef Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:28:52 -0500 Subject: [PATCH 15/49] Update main.yml --- roles/phpmyadmin/tasks/main.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/roles/phpmyadmin/tasks/main.yml b/roles/phpmyadmin/tasks/main.yml index ebc15a756..a66a13a83 100644 --- a/roles/phpmyadmin/tasks/main.yml +++ b/roles/phpmyadmin/tasks/main.yml @@ -1,7 +1,8 @@ -- name: Download the phpMyAdmin software +- name: Download phpMyAdmin software get_url: url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}" dest: "{{ downloads_dir }}" + timeout: "{{ download_timeout }}" #register: phpmyadmin_dl_output when: internet_available @@ -71,11 +72,11 @@ option: "{{ item.option }}" value: "{{ item.value }}" with_items: - - option: name - value: phpMyAdmin - - option: description - value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."' - - option: path - value: /opt/phpmyadmin - - option: enabled - value: "{{ phpmyadmin_enabled }}" + - option: name + value: phpMyAdmin + - option: description + value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."' + - option: path + value: /opt/phpmyadmin + - option: enabled + value: "{{ phpmyadmin_enabled }}" From ef48d49b884f3e1d9577a772659bb83f49b7d266 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:33:31 -0500 Subject: [PATCH 16/49] Update install.yml --- roles/kalite/tasks/install.yml | 47 +++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index fa09461dc..1d0d0923f 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -1,13 +1,17 @@ # This is for an OS other than Fedora 18 - name: Install missing packages required for KA Lite startup - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - python-virtualenv - name: Grab the requirements file - get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt + get_url: + url: "{{ kalite_requirements }}" + dest: "{{ pip_packages_dir }}/kalite.txt" + timeout: "{{ download_timeout }}" when: internet_available #- name: Install KA Lite non-static + reqs file with pip - (debuntu) @@ -19,11 +23,12 @@ # when: internet_available and is_debuntu - name: Install KA Lite static with pip - (debuntu) - pip: name=ka-lite-static - version={{ kalite_version }} - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no - extra_args="--no-cache-dir" + pip: + name: ka-lite-static + version: "{{ kalite_version }}" + virtualenv: "{{ kalite_venv }}" + virtualenv_site_packages: no + extra_args: "--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available and is_debuntu @@ -36,30 +41,32 @@ # when: internet_available and not is_debuntu - name: Install KA Lite static with pip - (OS's other than debuntu) - pip: name=ka-lite-static - version={{ kalite_version }} - virtualenv={{ kalite_venv }} - virtualenv_site_packages=no + pip: + name: ka-lite-static + version: "{{ kalite_version }}" + virtualenv: "{{ kalite_venv }}" + virtualenv_site_packages: no # extra_args="--no-cache-dir" # extra_args="--disable-pip-version-check" when: internet_available and not is_debuntu - name: Default is to have cronserve started with KA Lite set_fact: - job_scheduler_stanza: "" + job_scheduler_stanza: "" - name: Add --skip-job-scheduler to start if cronserve not enabled set_fact: - job_scheduler_stanza: "--skip-job-scheduler " + job_scheduler_stanza: "--skip-job-scheduler " when: not kalite_cron_enabled - name: Create 'kalite-serve' service, kalite.sh and kalite.conf - template: backup=no - src={{ item.src }} - dest={{ item.dest }} - owner=root - group=root - mode={{ item.mode }} + template: + backup: no + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: root + group: root + mode: "{{ item.mode }}" with_items: - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'} - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'} From e5244caa610da09ae065756bc0e25f57cc5c2225 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:37:27 -0500 Subject: [PATCH 17/49] Update install.yml --- roles/teamviewer/tasks/install.yml | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/roles/teamviewer/tasks/install.yml b/roles/teamviewer/tasks/install.yml index 93ef6f234..64a7f2013 100644 --- a/roles/teamviewer/tasks/install.yml +++ b/roles/teamviewer/tasks/install.yml @@ -1,30 +1,33 @@ # we need to install X11 and the xfce display manager - name: Install xfce group of packages shell: "yum groupinstall -y xfce" - when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" + when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" tags: - download - name: Install X11 group of packages shell: "yum groupinstall -y 'X Window system'" - when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" + when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" tags: - download - name: Install xfce group of packages shell: yum groupinstall -y "Xfce Desktop" --exclude fedora-release\* - when: xo_model == "none" and internet_available and ansible_distribution_version >= "21" + when: xo_model == "none" and internet_available and ansible_distribution_version >= "21" tags: - download - name: Install X Windows on CentOS shell: yum groupinstall -y "Server with GUI" - when: internet_available and ansible_distribution == "CentOS" + when: internet_available and ansible_distribution == "CentOS" tags: - download - name: Get the teamviewer software - get_url: url="{{ teamviewer_url }}/{{ teamviewer_rpm_file }}" dest="{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" + get_url: + url: "{{ teamviewer_url }}/{{ teamviewer_rpm_file }}" + dest: "{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" + timeout: "{{ download_timeout }}" when: internet_available tags: - download @@ -40,8 +43,9 @@ when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22" - name: using local copy - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - - teamviewer* + - teamviewer* when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22" From 111218342f7d8493a1fbff4e6ae532df4dcb4f2e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:39:50 -0500 Subject: [PATCH 18/49] Update F18.yml --- roles/nextcloud/tasks/F18.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/roles/nextcloud/tasks/F18.yml b/roles/nextcloud/tasks/F18.yml index a29aea723..c6d66b246 100644 --- a/roles/nextcloud/tasks/F18.yml +++ b/roles/nextcloud/tasks/F18.yml @@ -1,11 +1,17 @@ - name: Remove /etc/nextcloud to avoid confusion as we use the config in {{ nextcloud_prefix }}/nextcloud/config/ - file: path=/etc/nextcloud - state=absent + file: + path: /etc/nextcloud + state: absent # but we use the tar file to get the latest version; really only benefits the xo4 on fedora 18 -- name: Get the nextcloud software - get_url: url="{{ nextcloud_dl_url }}"/{{ nextcloud_src_file }} dest={{ downloads_dir }}/{{ nextcloud_src_file }} +- name: Get Nextcloud software + get_url: + url: "{{ nextcloud_dl_url }}/{{ nextcloud_src_file }}" + dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}" + timeout: "{{ download_timeout }}" when: internet_available - name: Copy it to permanent location /opt - unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }} dest=/opt/ + unarchive: + src: "{{ downloads_dir }}/{{ nextcloud_src_file }}" + dest: /opt/ From 1f7812b0ad7f7949696e03de08b5a4ff81d75321 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:42:39 -0500 Subject: [PATCH 19/49] Update main.yml --- roles/nextcloud/tasks/main.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index c8e29240c..41d3dbcbf 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -18,6 +18,7 @@ url: "{{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }}" dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}" force: yes + timeout: "{{ download_timeout }}" when: internet_available and nextcloud_force_install async: 900 poll: 15 @@ -162,13 +163,13 @@ option: "{{ item.option }}" value: "{{ item.value }}" with_items: - - option: name - value: Nextcloud - - option: description - value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."' - - option: path - value: "{{ nextcloud_prefix }}/nextcloud" - - option: source - value: "{{ nextcloud_src_file }}" - - option: enabled - value: "{{ nextcloud_enabled }}" + - option: name + value: Nextcloud + - option: description + value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."' + - option: path + value: "{{ nextcloud_prefix }}/nextcloud" + - option: source + value: "{{ nextcloud_src_file }}" + - option: enabled + value: "{{ nextcloud_enabled }}" From 36c273d1c600c76ca70f720c90a2d7493198334e Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:45:02 -0500 Subject: [PATCH 20/49] Update F18.yml --- roles/nextcloud/tasks/F18.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nextcloud/tasks/F18.yml b/roles/nextcloud/tasks/F18.yml index c6d66b246..5e76d45c4 100644 --- a/roles/nextcloud/tasks/F18.yml +++ b/roles/nextcloud/tasks/F18.yml @@ -4,9 +4,9 @@ state: absent # but we use the tar file to get the latest version; really only benefits the xo4 on fedora 18 -- name: Get Nextcloud software +- name: Download latest Nextcloud software to /opt/iiab/download/{{ nextcloud_src_file }} get_url: - url: "{{ nextcloud_dl_url }}/{{ nextcloud_src_file }}" + url: "{{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }}" dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}" timeout: "{{ download_timeout }}" when: internet_available From adf3f5701e365ed597773f555e88f652c2d61028 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:47:49 -0500 Subject: [PATCH 21/49] Update install.yml --- roles/teamviewer/tasks/install.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/teamviewer/tasks/install.yml b/roles/teamviewer/tasks/install.yml index 64a7f2013..f6c375460 100644 --- a/roles/teamviewer/tasks/install.yml +++ b/roles/teamviewer/tasks/install.yml @@ -1,5 +1,5 @@ -# we need to install X11 and the xfce display manager -- name: Install xfce group of packages +# we need to install X11 and the Xfce display manager +- name: Install Xfce group of packages shell: "yum groupinstall -y xfce" when: xo_model == "none" and internet_available and ansible_distribution_version <= "20" tags: @@ -11,7 +11,7 @@ tags: - download -- name: Install xfce group of packages +- name: Install Xfce group of packages shell: yum groupinstall -y "Xfce Desktop" --exclude fedora-release\* when: xo_model == "none" and internet_available and ansible_distribution_version >= "21" tags: @@ -23,7 +23,7 @@ tags: - download -- name: Get the teamviewer software +- name: Download TeamViewer software get_url: url: "{{ teamviewer_url }}/{{ teamviewer_rpm_file }}" dest: "{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" @@ -33,16 +33,16 @@ - download # F22 has issues with yum localinstall exclude for now -- name: Do the install of teamviewer, pulling in any required dependencies +- name: Do the install of TeamViewer, pulling in any required dependencies shell: "yum localinstall -y {{ yum_packages_dir }}/{{ teamviewer_rpm_file }}" when: teamviewer_install and internet_available and xo_model == "none" and ansible_distribution_version <= "21" -- name: making local copy available +- name: Making local copy available shell: createrepo {{ yum_packages_dir }} when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22" -- name: using local copy +- name: Using local copy package: name: "{{ item }}" state: present From 7c128cfc9eedcc5336fc8a33badf155f44714261 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:48:58 -0500 Subject: [PATCH 22/49] Update install.yml --- roles/kalite/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/kalite/tasks/install.yml b/roles/kalite/tasks/install.yml index 1d0d0923f..4be6dc4c7 100644 --- a/roles/kalite/tasks/install.yml +++ b/roles/kalite/tasks/install.yml @@ -7,7 +7,7 @@ with_items: - python-virtualenv -- name: Grab the requirements file +- name: Download KA Lite's requirements file get_url: url: "{{ kalite_requirements }}" dest: "{{ pip_packages_dir }}/kalite.txt" @@ -22,7 +22,7 @@ # extra_args="--disable-pip-version-check" # when: internet_available and is_debuntu -- name: Install KA Lite static with pip - (debuntu) +- name: Install KA Lite static with pip (debuntu) pip: name: ka-lite-static version: "{{ kalite_version }}" From 0dfad17b3a5fe4125bd5d006535bdf863309fbf1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:51:28 -0500 Subject: [PATCH 23/49] Update install.yml --- roles/dokuwiki/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/dokuwiki/tasks/install.yml b/roles/dokuwiki/tasks/install.yml index 00814cb08..b3bd11d2a 100644 --- a/roles/dokuwiki/tasks/install.yml +++ b/roles/dokuwiki/tasks/install.yml @@ -1,4 +1,4 @@ -- name: Get the DokuWiki software +- name: Download DokuWiki software get_url: url: "{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz" dest: "{{ downloads_dir }}/" From 854d7a028dcea1e0cdad22a052947894025adce3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 01:52:23 -0500 Subject: [PATCH 24/49] Update rpi.yml --- roles/nodogsplash/tasks/rpi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nodogsplash/tasks/rpi.yml b/roles/nodogsplash/tasks/rpi.yml index 537c6bf30..b43838118 100644 --- a/roles/nodogsplash/tasks/rpi.yml +++ b/roles/nodogsplash/tasks/rpi.yml @@ -3,7 +3,7 @@ name: libmicrohttpd12 state: present -- name: Get the nodogsplash software +- name: Download nodogsplash software get_url: url: "{{ iiab_download_url }}/{{ nodogsplash_arm_deb }}" dest: "{{ downloads_dir }}/{{ nodogsplash_arm_deb }}" From c6b313a4996fe2965f276a1a18f82ae751b7a08b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 02:02:28 -0500 Subject: [PATCH 25/49] Update main.yml --- roles/0-init/tasks/main.yml | 60 +++++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 26 deletions(-) diff --git a/roles/0-init/tasks/main.yml b/roles/0-init/tasks/main.yml index 8e548ee05..88f5ebafd 100644 --- a/roles/0-init/tasks/main.yml +++ b/roles/0-init/tasks/main.yml @@ -1,7 +1,8 @@ # Initialize - name: ...IS BEGINNING ============================================ - stat: path=/etc/iiab/iiab.env + stat: + path: /etc/iiab/iiab.env register: NewInstall - name: Setting first run flag @@ -18,32 +19,33 @@ #- name: Loading computed_vars # include_tasks: roles/0-init/tasks/computed_vars.yml - name: Re-read local_facts.facts from /etc/ansible/facts.d - setup: filter=ansible_local + setup: + filter: ansible_local - name: Set top level variables from local facts for convenience set_fact: - xo_model: '{{ ansible_local.local_facts.xo_model }}' - phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}' - iiab_stage: '{{ ansible_local.local_facts.stage }}' + xo_model: "{{ ansible_local.local_facts.xo_model }}" + phplib_dir: "{{ ansible_local.local_facts.phplib_dir }}" + iiab_stage: "{{ ansible_local.local_facts.stage }}" - name: Discover if this is running Raspbian -- if so assume it is a RPi set_fact: - rpi_model: "rpi" - is_rpi: True + rpi_model: "rpi" + is_rpi: True # no_net_restart: True # nobridge: True when: ansible_local.local_facts.os == "raspbian" - name: Set exFAT enabled for XO laptops set_fact: - exFAT_enabled: True + exFAT_enabled: True when: xo_model != "none" # Discover do we have a gateway? -- if ansible detects gateway, becomes WAN candidate - name: Finding gateway set_fact: - discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" - iiab_wan_iface: "{{ discovered_wan_iface }}" + discovered_wan_iface: "{{ ansible_default_ipv4.alias }}" + iiab_wan_iface: "{{ discovered_wan_iface }}" when: ansible_default_ipv4.gateway is defined - name: Verify gateway present @@ -53,11 +55,14 @@ - name: Recording gateway response set_fact: - gw_active: True + gw_active: True when: discovered_wan_iface != "none" and gw_active_test.stdout == "1" - name: Test for internet access - get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt + get_url: + url: "{{ iiab_download_url }}/heart-beat.txt" + dest: /tmp/heart-beat.txt + timeout: "{{ download_timeout }}" ignore_errors: True # async: 10 # poll: 2 @@ -65,12 +70,13 @@ - name: Set internet_available true if wget succeeded set_fact: - internet_available: True + internet_available: True when: not internet_access_test|failed and not disregard_network - name: Cleanup internet test file - file: path=/tmp/heart-beat.txt - state=absent + file: + path: /tmp/heart-beat.txt + state: absent # Put all computed vars here so derive properly from any prior var file - name: If the TZ is not set in env, set it to UTC @@ -146,19 +152,20 @@ - name: Set FQDN set_fact: - iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" - FQDN_changed: False + iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}" + FQDN_changed: False - name: FQDN changed set_fact: - FQDN_changed: True + FQDN_changed: True when: iiab_fqdn != ansible_fqdn - name: Add version section - ini_file: dest='{{ iiab_config_file }}' - section=runtime - option='{{ item.option }}' - value='{{ item.value }}' + ini_file: + dest: "{{ iiab_config_file }}" + section: runtime + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: 'iiab_stage' value: '{{ iiab_stage }}' @@ -202,10 +209,11 @@ when: FQDN_changed - name: STAGE 0 HAS COMPLETED ====================================== - ini_file: dest='{{ iiab_config_file }}' - section=runtime - option='{{ item.option }}' - value='{{ item.value }}' + ini_file: + dest: "{{ iiab_config_file }}" + section: runtime + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: 'is_VM' value: 'yes' From 2a31af35bcd77fd73bfc8bfa95cb6eeab266a153 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 02:15:55 -0500 Subject: [PATCH 26/49] Update default_vars.yml --- vars/default_vars.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 461ea34c2..398b62d03 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -17,6 +17,8 @@ pip_packages_dir: "{{ iiab_base }}/pip-packages" yum_packages_dir: "{{ iiab_base }}/yum-packages" downloads_dir: "{{ iiab_base }}/downloads" iiab_download_url: http://download.iiab.io/packages +# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails +download_timeout: 100 # Configuration File(s) iiab_config_file: /etc/iiab/iiab.ini From bbe819aa2285c7440c3418940dff3cc14a0af7e7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 02:16:10 -0500 Subject: [PATCH 27/49] Update medium.localvars --- vars/medium.localvars | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vars/medium.localvars b/vars/medium.localvars index cb1391648..460768414 100644 --- a/vars/medium.localvars +++ b/vars/medium.localvars @@ -6,6 +6,9 @@ # Original Idea: branch github.com/xsce/xsce-local for your deployment +# Ansible's default timeout for "get_url:" downloads (10 seconds) often fails +download_timeout: 100 + # Users and Passwords # Uncomment the following if you don't want iiab_admin_user (by default From 950313fd9875eb37721b0a4275e50ba55cfb584b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 03:53:07 -0500 Subject: [PATCH 28/49] Update main.yml --- roles/postgresql/tasks/main.yml | 107 ++++++++++++++++++-------------- 1 file changed, 60 insertions(+), 47 deletions(-) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index e1b3a1ccc..b0cac5489 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -1,91 +1,104 @@ - name: Install PostgreSQL packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - postgresql tags: - download -- name: Install PostgreSQL for Debian - package: name=postgresql-client +- name: Install postgresql-client (debuntu) + package: + name: postgresql-client when: is_debuntu tags: - download -- name: Install PostgreSQL for Fedora - package: name=postgresql-server +- name: Install postgresql-server (OS's other than debuntu) + package: + name: postgresql-server when: not is_debuntu tags: - download - name: Create postgresql-iiab systemd service - template: src=postgresql-iiab.service - dest=/etc/systemd/system/postgresql-iiab.service - owner=root - group=root - mode=0644 + template: + src: postgresql-iiab.service + dest: /etc/systemd/system/postgresql-iiab.service + owner: root + group: root + mode: 0644 - name: Create postgres data directory - file: path=/library/pgsql-iiab - owner=postgres - group=postgres - mode=0700 - state=directory + file: + path: /library/pgsql-iiab + owner: postgres + group: postgres + mode: 0700 + state: directory -- name: Make sure that the en_US locale is enabled - lineinfile: dest=/etc/locale.gen - line="{{ postgresql_locale }} UTF-8" +- name: Make sure that the en_US locale is enabled (debuntu) + lineinfile: + dest: /etc/locale.gen + line: "{{ postgresql_locale }} UTF-8" when: is_debuntu -- name: Generate the selected locales +- name: Generate the selected locales (debuntu) command: /usr/sbin/locale-gen when: is_debuntu -- name: Initialize the postgres db - command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab" - creates=/library/pgsql-iiab/pg_hba.conf +- name: Initialize the postgres db (debuntu) + command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab" + args: + creates: /library/pgsql-iiab/pg_hba.conf when: is_debuntu -- name: Initialize the postgres db - command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab" - creates=/library/pgsql-iiab/pg_hba.conf +- name: Initialize the postgres db (OS's other than debuntu) + command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab" + args: + creates: /library/pgsql-iiab/pg_hba.conf when: not is_debuntu - name: Configure PostgreSQL - template: backup=yes - src=postgresql.conf.j2 - dest=/library/pgsql-iiab/postgresql.conf - owner=postgres - group=postgres - mode=0640 + template: + backup: yes + src: postgresql.conf.j2 + dest: /library/pgsql-iiab/postgresql.conf + owner: postgres + group: postgres + mode: 0640 -- name: Stop postgresql service +- name: Stop postgresql service (debuntu) command: "/etc/init.d/postgresql stop" ignore_errors: True when: postgresql_install and is_debuntu - name: Stop and disable stock postgresql service - service: name=postgresql - state=stopped - enabled=no + service: + name: postgresql + state: stopped + enabled: no - name: Start and enable postgresql-iiab service - service: name=postgresql-iiab - state=started - enabled=yes + service: + name: postgresql-iiab + state: started + enabled: yes when: postgresql_enabled - name: Stop and disable postgresql-iiab service if not postgresql_enabled - service: name=postgresql-iiab - state=stopped - enabled=no + service: + name: postgresql-iiab + state: stopped + enabled: no when: not postgresql_enabled -- name: Add postgresql to service list - ini_file: dest='{{ service_filelist }}' - section=postgresql - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'postgresql' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: postgresql + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name value: postgresql From d3a30e8eb42752196e4764bb189bc3b3ecd12957 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 04:43:40 -0500 Subject: [PATCH 29/49] Update main.yml --- roles/moodle/tasks/main.yml | 168 ++++++++++++++++++++---------------- 1 file changed, 95 insertions(+), 73 deletions(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index c618a0b4f..1f97226ce 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -1,15 +1,17 @@ --- -- name: Install Moodle required packages - package: name={{ item }} - state=present +- name: Install Moodle required packages (OS's other than debunt) + package: + name: "{{ item }}" + state: present with_items: - python-psycopg2 - php-pgsql when: not is_debuntu -- name: Install Moodle required packages - package: name={{ item }} - state=present +- name: Install Moodle required packages (debuntu) + package: + name: "{{ item }}" + state: present with_items: - python-psycopg2 - php{{ php_version }}-pgsql @@ -21,107 +23,125 @@ - php{{ php_version }}-cli when: is_debuntu -- name: php-zip name for Debian 9 or Ubuntu - package: name=php{{ php_version }}-zip +- name: php-zip name (debian_9 or ubuntu) + package: + name: "php{{ php_version }}-zip" when: is_debian_9 or is_ubuntu -- name: php-zip name for Debian 8 - package: name=php-pclzip +- name: php-zip name for (debian_8) + package: + name: php-pclzip when: is_debian_8 - name: Determine if Moodle is already downloaded - stat: path={{ moodle_base }}/config-dist.php + stat: + path: "{{ moodle_base }}/config-dist.php" register: moodle - name: Download the latest Moodle repo - git: repo={{ moodle_repo_url }} - dest={{ moodle_base }} - depth=1 - force=yes - version="MOODLE_{{ moodle_version }}_STABLE" + git: + repo: "{{ moodle_repo_url }}" + dest: "{{ moodle_base }}" + depth: 1 + force: yes + version: "MOODLE_{{ moodle_version }}_STABLE" # ignore_errors: yes - when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists + when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists - name: Prepare the downloaded directory so Apache can install config file - file: path={{ moodle_base }} - owner={{ apache_user }} - recurse=yes - state=directory + file: + path: "{{ moodle_base }}" + owner: "{{ apache_user }}" + recurse: yes + state: directory - name: Give Apache permission to write Moodle data directory - file: path={{ content_base }}/dbdata/moodle - owner={{ apache_user }} - mode=0755 - state=directory + file: + path: "{{ content_base }}/dbdata/moodle" + owner: "{{ apache_user }}" + mode: 0755 + state: directory - name: Create a Moodle data dir with Apache permission to write - file: path={{ moodle_data }} - owner={{ apache_user }} - group={{ apache_user }} - mode=0770 - state=directory + file: + path: "{{ moodle_data }}" + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: 0770 + state: directory - name: Remove stock Moodle conf - file: path='/etc/{{ apache_config_dir }}/moodle.conf' - state=absent + file: + path: "/etc/{{ apache_config_dir }}/moodle.conf" + state: absent - name: Put Moodle config file in place - template: src=022-moodle.j2 - dest=/etc/{{ apache_config_dir }}/022-moodle.conf - owner=root - group=root - mode=0644 + template: + src: 022-moodle.j2 + dest: "/etc/{{ apache_config_dir }}/022-moodle.conf" + owner: root + group: root + mode: 0644 when: moodle_enabled -- name: Enable Moodle - file: path=/etc/apache2/sites-enabled/022-moodle.conf - src=/etc/apache2/sites-available/022-moodle.conf - state=link +- name: Enable Moodle (debuntu) + file: + src: /etc/apache2/sites-available/022-moodle.conf + dest: /etc/apache2/sites-enabled/022-moodle.conf + state: link when: moodle_enabled and is_debuntu -- name: Disable Moodle - file: path=/etc/apache2/sites-enabled/022-moodle.conf - state=absent +- name: Disable Moodle (debuntu) + file: + path: /etc/apache2/sites-enabled/022-moodle.conf + state: absent when: not moodle_enabled and is_debuntu - name: Start postgresql-iiab - service: name=postgresql-iiab - state=restarted + service: + name: postgresql-iiab + state: restarted - name: Create db user - postgresql_user: name=Admin - password=changeme - role_attr_flags=NOSUPERUSER,NOCREATEROLE,NOCREATEDB - state=present + postgresql_user: + name: Admin + password: changeme + role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB + state: present become: yes become_user: postgres - name: Create database - postgresql_db: name=moodle - encoding=utf8 - owner=Admin - template=template1 - state=present + postgresql_db: + name: moodle + encoding: utf8 + owner: Admin + template: template1 + state: present become: yes become_user: postgres - name: Put a startup install script in place - template: dest={{ moodle_base }} - src=moodle_installer - mode=0755 + template: + dest: "{{ moodle_base }}" + src: moodle_installer + mode: 0755 - name: Restart postgresql-iiab - service: name=postgresql-iiab - state=restarted - enabled=yes + service: + name: postgresql-iiab + state: restarted + enabled: yes when: moodle_enabled - name: Restart Apache - service: name={{ apache_service }} - state=restarted + service: + name: "{{ apache_service }}" + state: restarted - name: See if the config.php file exists - stat: path='{{ moodle_base }}/config.php' + stat: + path: "{{ moodle_base }}/config.php" register: config - name: Execute Moodle startup script @@ -130,20 +150,22 @@ - name: Give Apache permission to read config file # command: chown -R {{ apache_user }} {{ moodle_base }} - file: path={{ moodle_base }}/config.php - mode=0644 + file: + path: "{{ moodle_base }}/config.php" + mode: 0644 -- name: Add Moodle to service list - ini_file: dest='{{ service_filelist }}' - section=moodle - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'moodle' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: moodle + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name value: Moodle - option: description value: '"Access the Moodle learning management system."' - - option: 'directory path' - value: '{{ moodle_base }}' + - option: "directory path" + value: "{{ moodle_base }}" - option: moodle_enabled value: "{{ moodle_enabled }}" From 3532a449fed5cbee7bbf722759d839c23e07163c Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:01:09 -0500 Subject: [PATCH 30/49] Update main.yml --- roles/dokuwiki/tasks/main.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 7dd11ef93..360bc242b 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -1,12 +1,13 @@ -- name: Include the install playbook +- name: Install DokuWiki include_tasks: install.yml when: dokuwiki_install -- name: Add DokuWiki to service list - ini_file: dest='{{ service_filelist }}' - section=dokuwiki - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'dokuwiki' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: dokuwiki + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name value: dokuwiki From 4c312bc807ff4bc72d69a1b58b46c2dbe5d2234a Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:10:19 -0500 Subject: [PATCH 31/49] Update main.yml --- roles/dokuwiki/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/dokuwiki/tasks/main.yml b/roles/dokuwiki/tasks/main.yml index 360bc242b..c1cca0d1a 100644 --- a/roles/dokuwiki/tasks/main.yml +++ b/roles/dokuwiki/tasks/main.yml @@ -10,7 +10,7 @@ value: "{{ item.value }}" with_items: - option: name - value: dokuwiki + value: DokuWiki - option: description value: '"DokuWiki is a simple to use and highly versatile Open Source wiki software that does not require a database."' - option: installed From 581e60da2004e3f3d99188426544b060d5396788 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:11:58 -0500 Subject: [PATCH 32/49] Update main.yml --- roles/awstats/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/awstats/tasks/main.yml b/roles/awstats/tasks/main.yml index 6f662ada9..20e93b5b2 100644 --- a/roles/awstats/tasks/main.yml +++ b/roles/awstats/tasks/main.yml @@ -1,14 +1,14 @@ - include_tasks: install.yml when: awstats_install -- name: Add AWStats to service list +- name: Add 'awstats' to list of services at /etc/iiab/iiab.ini ini_file: dest='{{ service_filelist }}' section=awstats option='{{ item.option }}' value='{{ item.value }}' with_items: - option: name - value: awstats + value: AWStats - option: description value: '"AWStats (originally known as Advanced Web Statistics) is a package written in Perl which generates static or dynamic html summaries based upon web server logs."' - option: installed From 86a083d37568825fb519460e806de7221296c4ec Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:15:38 -0500 Subject: [PATCH 33/49] Update main.yml --- roles/monit/tasks/main.yml | 49 +++++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/roles/monit/tasks/main.yml b/roles/monit/tasks/main.yml index e57ee7c39..0f3b96658 100644 --- a/roles/monit/tasks/main.yml +++ b/roles/monit/tasks/main.yml @@ -1,31 +1,35 @@ - name: Install Monit package - package: name=monit - state=present + package: + name: monit + state: present tags: - download - name: Install chkconfig package -- not in Debian 8 - package: name=chkconfig - state=present + package: + name: chkconfig + state: present when: is_debian and ansible_distribution_major_version == "8" tags: - download - name: Update main config file - template: backup=yes - src=monitrc - dest=/etc/monitrc - owner=root - group=root - mode=0600 + template: + backup: yes + src: monitrc + dest: /etc/monitrc + owner: root + group: root + mode: 0600 - name: Update config files - template: src={{ item }} - dest=/etc/monit.d/{{ item }} - owner=root - group=root - force=yes - mode=0755 + template: + src: "{{ item }}" + dest: "/etc/monit.d/{{ item }}" + owner: root + group: root + force: yes + mode: 0755 with_items: watchdog register: monit_config when: false @@ -41,14 +45,15 @@ #- name: Restart monit service # command: service monit restart -- name: Add 'monit' to service list - ini_file: dest='{{ service_filelist }}' - section=monit - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'monit' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: monit + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: monit + value: Monit - option: description value: '"Monit is a background service monitor which can correct problems, send email, restart services."' - option: enabled From 2bc4a04173a09661a51030cd73a9d07fd40ec125 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:21:07 -0500 Subject: [PATCH 34/49] Update main.yml --- roles/munin/tasks/main.yml | 86 +++++++++++++++++++++----------------- 1 file changed, 48 insertions(+), 38 deletions(-) diff --git a/roles/munin/tasks/main.yml b/roles/munin/tasks/main.yml index b6b6a0728..6becb81cf 100644 --- a/roles/munin/tasks/main.yml +++ b/roles/munin/tasks/main.yml @@ -1,6 +1,7 @@ -- name: Install Munin package - package: name={{ item }} - state=present +- name: Install Munin package (debuntu) + package: + name: "{{ item }}" + state: present with_items: - munin - munin-node @@ -11,9 +12,10 @@ - download when: is_debuntu -- name: Install Munin package - package: name={{ item }} - state=present +- name: Install Munin package (OS's other than debuntu) + package: + name: "{{ item }}" + state: present with_items: - munin - munin-node @@ -22,49 +24,56 @@ when: not is_debuntu - name: Copy Munin config file - template: src={{ item.src }} - dest={{ item.dest }} - owner=root - group=root - mode=0644 + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: root + group: root + mode: 0644 with_items: - { src: 'munin.conf.j2', dest: '/etc/munin/munin.conf' } - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_config_dir }}/munin24.conf' } - name: Create admin user - htpasswd: path=/etc/munin/munin-htpasswd - name=Admin - password=changeme - create=yes - state=present + htpasswd: + path: /etc/munin/munin-htpasswd + name: Admin + password: changeme + create: yes + state: present - name: Enable munin-node service - service: name=munin-node - enabled=yes - state=started + service: + name: munin-node + enabled: yes + state: started when: munin_enabled -- name: Enable Apache lookup - file: src=/etc/apache2/sites-available/munin24.conf - dest=/etc/apache2/sites-enabled/munin24.conf - state=link +- name: Enable Apache lookup (debuntu) + file: + src: /etc/apache2/sites-available/munin24.conf + dest: /etc/apache2/sites-enabled/munin24.conf + state: link when: munin_enabled and is_debuntu -- name: Disable Apache lookup - file: src=/etc/apache2/sites-available/munin24.conf - dest=/etc/apache2/sites-enabled/munin24.conf - state=absent +- name: Disable Apache lookup (debuntu) + file: + src: /etc/apache2/sites-available/munin24.conf + dest: /etc/apache2/sites-enabled/munin24.conf + state: absent when: not munin_enabled and is_debuntu - name: Disable munin-node service when it becomes disabled - service: name=munin-node - enabled=no - state=stopped + service: + name: munin-node + enabled: no + state: stopped when: not munin_enabled - name: If MySQL is enabled, let Munin monitor it - copy: dest=/etc/munin/plugins/ - src={{ item }} + copy: + src: "{{ item }}" + dest: /etc/munin/plugins/ with_items: - /usr/share/munin/plugins/mysql_ - /usr/share/munin/plugins/mysql_bytes @@ -75,14 +84,15 @@ - /usr/share/munin/plugins/mysql_threads when: mysql_enabled -- name: Add munin to service list - ini_file: dest='{{ service_filelist }}' - section=munin - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'munin' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: munin + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: munin + value: Munin - option: description value: '"Munin is a networked resource monitoring tool that can help analyze resource trends and \"what just happened to kill our performance?\" problems."' - option: installed From 5fd7397c0d1743a45aab98ef0c95b5bc9af34224 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:24:57 -0500 Subject: [PATCH 35/49] Update main.yml --- roles/vnstat/tasks/main.yml | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/roles/vnstat/tasks/main.yml b/roles/vnstat/tasks/main.yml index 2a42bee7d..63fcbad7c 100644 --- a/roles/vnstat/tasks/main.yml +++ b/roles/vnstat/tasks/main.yml @@ -1,18 +1,20 @@ --- - name: Install required packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - vnstat tags: - download - name: Put the config file in place - template: src=vnstat.conf.j2 - dest=/etc/vnstat.conf - mode=0744 - owner=root - group=root + template: + src: vnstat.conf.j2 + dest: /etc/vnstat.conf + mode: 0744 + owner: root + group: root - name: Create database for WAN to collect vnStat data shell: /usr/bin/vnstat -i {{ iiab_wan_iface }} @@ -22,16 +24,20 @@ when: iiab_lan_iface is defined - name: Start vnStat daemon via systemd - service: name=vnstat enabled=yes state=started + service: + name: vnstat + enabled: yes + state: started -- name: Add vnStat to service list - ini_file: dest='{{ service_filelist }}' - section=vnstat - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'vnstat' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: vnstat + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: vnstat + value: vnStat - option: description value: '"vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s)."' - option: installed From d79830b31777a7e7bbaf99e30ad29c898a95fece Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:33:01 -0500 Subject: [PATCH 36/49] Update main.yml --- roles/samba/tasks/main.yml | 64 ++++++++++++++++++++++++++------------ 1 file changed, 44 insertions(+), 20 deletions(-) diff --git a/roles/samba/tasks/main.yml b/roles/samba/tasks/main.yml index 8a32d7a6a..fe8e646a5 100755 --- a/roles/samba/tasks/main.yml +++ b/roles/samba/tasks/main.yml @@ -2,16 +2,25 @@ # Create a smbuser # -- name: create smb user - user: name="{{ smbuser }}" shell=/sbin/nologin password="{{ smbpassword }}" +- name: Create smb user + user: + name: "{{ smbuser }}" + shell: /sbin/nologin + password: "{{ smbpassword }}" -- name: create the public folder - file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=0777 state=directory +- name: Create the public folder + file: + dest: "{{ shared_dir }}" + owner: "{{ smbuser }}" + group: "{{ smbuser }}" + mode: 0777 + state: directory # Install and configure samba server (requires ports 137, 138, 139, 445 open). -- name: Ensure Samba-related packages are installed. - package: name={{ item }} - state=present +- name: Ensure Samba-related packages are installed + package: + name: "{{ item }}" + state: present with_items: - samba - samba-client @@ -21,41 +30,56 @@ - samba - download -- name: put our smb.conf in place - template: src=smb.conf.j2 dest=/etc/samba/smb.conf +- name: Put our smb.conf in place + template: + src: smb.conf.j2 + dest: /etc/samba/smb.conf - name: Ensure Samba is running and set to start on boot. - service: name={{ smb_service }} state=started enabled=yes + service: + name: "{{ smb_service }}" + state: started + enabled: yes tags: - samba when : samba_enabled -- name: netbios name server is running and set to start on boot. - service: name={{ nmb_service }} state=started enabled=yes +- name: NetBIOS name server is running and set to start on boot + service: + name: "{{ nmb_service }}" + state: started + enabled: yes tags: - samba when : samba_enabled - name: Disable Samba if that is wanted - service: name={{ smb_service }} state=stopped enabled=no + service: + name: "{{ smb_service }}" + state: stopped + enabled: no tags: - samba when : not samba_enabled - name: Disable Samba name server if that is wanted - service: name={{ nmb_service }} state=stopped enabled=no + service: + name: "{{ nmb_service }}" + state: stopped + enabled: no tags: - samba when : not samba_enabled -- name: Add samba to service list - ini_file: dest='{{ service_filelist }}' - section=samba - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'samba' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: samba + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: samba + value: Samba - option: description value: '"Samba is a Microsoft-compatible network file system that re-implements SMB/CIFS (Common Internet File System)."' - option: enabled From f2ca98b0586627e35088fe7ae8136a1b2bac0931 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:37:08 -0500 Subject: [PATCH 37/49] Update main.yml --- roles/moodle/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/moodle/tasks/main.yml b/roles/moodle/tasks/main.yml index 1f97226ce..6543fda72 100644 --- a/roles/moodle/tasks/main.yml +++ b/roles/moodle/tasks/main.yml @@ -165,7 +165,7 @@ value: Moodle - option: description value: '"Access the Moodle learning management system."' - - option: "directory path" + - option: "moodle_base" value: "{{ moodle_base }}" - option: moodle_enabled value: "{{ moodle_enabled }}" From effa4f179b73028846522f2713b8c5100ff0c968 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:38:26 -0500 Subject: [PATCH 38/49] Update main.yml --- roles/postgresql/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml index b0cac5489..57eab26bc 100644 --- a/roles/postgresql/tasks/main.yml +++ b/roles/postgresql/tasks/main.yml @@ -101,7 +101,7 @@ value: "{{ item.value }}" with_items: - option: name - value: postgresql + value: PostgreSQL - option: description value: '"PostgreSQL is a powerful, open source object-relational database system."' - option: installed From 2063b77fb4a3f277cb5273bde497b4c7045aa125 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:47:21 -0500 Subject: [PATCH 39/49] Update squid.yml --- roles/network/tasks/squid.yml | 76 +++++++++++++++++++---------------- 1 file changed, 42 insertions(+), 34 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index e61c5ab84..cfddd5c0f 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -1,6 +1,7 @@ - name: Install Squid packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - "{{ proxy }}" - cadaver @@ -12,21 +13,24 @@ when: is_ubuntu - name: Stop Squid - service: name={{ proxy }} - state=stopped + service: + name: "{{ proxy }}" + state: stopped when: not installing - name: Create the Squid user - user: name={{ proxy_user }} - createhome=False - shell=/bin/false + user: + name: "{{ proxy_user }}" + createhome: False + shell: /bin/false - name: Copy init script and config file - template: src={{ item.src }} - dest={{ item.dest }} - owner={{ item.owner }} - group={{ item.group }} - mode={{ item.mode }} + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner }}" + group: "{{ item.group }}" + mode: "{{ item.mode }}" with_items: - src: 'roles/network/templates/squid/squid.sysconfig' dest: '/etc/sysconfig/squid' @@ -60,43 +64,47 @@ mode: '0755' - name: Create Squid cache directory - file: path=/library/cache - owner={{ proxy_user }} - group={{ proxy_user }} - mode=0750 - state=directory + file: + path: /library/cache + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" + mode: 0750 + state: directory - name: Create Squid log directory - file: path=/var/log/{{ proxy }} - owner={{ proxy_user }} - group={{ proxy_user }} - mode=0750 - state=directory + file: + path: "/var/log/{{ proxy }}" + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" + mode: 0750 + state: directory - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install -- name: Add Squid to service list - ini_file: dest='{{ service_filelist }}' - section={{ proxy }} - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'squid' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: {{ proxy }} + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: squid + value: Squid - option: description value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."' - option: enabled value: "{{ squid_enabled }}" -- name: Add 'dansguardian' to service list - ini_file: dest='{{ service_filelist }}' - section=dansguardian - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'dansguardian' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: dansguardian + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: dansguardian + value: DansGuardian - option: description value: '"DansGuardian searches web content for objectionable references and denies access when found."' - option: enabled From a7245aa0e0c3565e5906b7e91c5da77b15727b9b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 05:51:38 -0500 Subject: [PATCH 40/49] Update dansguardian.yml --- roles/network/tasks/dansguardian.yml | 70 +++++++++++++++------------- 1 file changed, 38 insertions(+), 32 deletions(-) diff --git a/roles/network/tasks/dansguardian.yml b/roles/network/tasks/dansguardian.yml index 2d4cebc40..5ef170e52 100644 --- a/roles/network/tasks/dansguardian.yml +++ b/roles/network/tasks/dansguardian.yml @@ -1,47 +1,53 @@ - name: Install DansGuardian packages - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - dansguardian tags: - download -- name: Copy DansGuardian config file - template: src=roles/network/templates/squid/dansguardian.conf.j2 - dest=/etc/dansguardian/dansguardian.conf - owner=dansguardian - group=dansguardian - mode=0640 +- name: Copy DansGuardian config file (Fedora) + template: + src: roles/network/templates/squid/dansguardian.conf.j2 + dest: /etc/dansguardian/dansguardian.conf + owner: dansguardian + group: dansguardian + mode: 0640 when: ansible_distribution == "Fedora" -- name: Copy DansGuardian config file - template: src=roles/network/templates/squid/dansguardian.conf.debian.j2 - dest=/etc/dansguardian/dansguardian.conf - owner=dansguardian - group=dansguardian - mode=0640 +- name: Copy DansGuardian config file (debuntu) + template: + src: roles/network/templates/squid/dansguardian.conf.debian.j2 + dest: /etc/dansguardian/dansguardian.conf + owner: dansguardian + group: dansguardian + mode: 0640 when: is_debuntu -- name: Copy DansGuardian config file for CentOS - template: src=roles/network/templates/squid/dansguardian.conf.centos.j2 - dest=/etc/dansguardian/dansguardian.conf - owner=dansguardian - group=vscan - mode=0640 +- name: Copy DansGuardian config file (CentOS) + template: + src: roles/network/templates/squid/dansguardian.conf.centos.j2 + dest: /etc/dansguardian/dansguardian.conf + owner: dansguardian + group: vscan + mode: 0640 when: ansible_distribution == "CentOS" -- name: Create 'dansguardian' log directory - file: path=/var/log/dansguardian - owner=dansguardian - group=dansguardian - mode=0750 - state=directory +- name: Create 'dansguardian' log directory (OS's other than CentOS) + file: + path: /var/log/dansguardian + owner: dansguardian + group: dansguardian + mode: 0750 + state: directory when: ansible_distribution != "CentOS" -- name: Create DansGuardian log directory for CentOS - file: path=/var/log/dansguardian - owner=dansguardian - group=vscan - mode=0750 - state=directory +- name: Create DansGuardian log directory (CentOS) + file: + path: /var/log/dansguardian + owner: dansguardian + group: vscan + mode: 0750 + state: directory when: ansible_distribution == "CentOS" From ca6e9741cb9fd543aed1e7a4cede0936d1513baf Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:01:33 -0500 Subject: [PATCH 41/49] Update squid.yml --- roles/network/tasks/squid.yml | 62 +++++++++++++++++------------------ 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index cfddd5c0f..9d5bd9374 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -32,36 +32,36 @@ group: "{{ item.group }}" mode: "{{ item.mode }}" with_items: - - src: 'roles/network/templates/squid/squid.sysconfig' - dest: '/etc/sysconfig/squid' - owner: 'root' - group: 'root' - mode: '0755' - - src: 'roles/network/templates/squid/sites.whitelist.txt' - dest: '/etc/{{ proxy }}/sites.whitelist.txt' - owner: '{{ proxy_user }}' - group: '{{ proxy_user }}' - mode: '0644' - - src: 'roles/network/templates/squid/allowregex.rules' - dest: '/etc/{{ proxy }}/allowregex.rules' - owner: '{{ proxy_user }}' - group: '{{ proxy_user }}' - mode: '0644' - - src: 'roles/network/templates/squid/denyregex.rules' - dest: '/etc/{{ proxy }}/denyregex.rules' - owner: '{{ proxy_user }}' - group: '{{ proxy_user }}' - mode: '0644' - - src: 'roles/network/templates/squid/dstaddress.rules' - dest: '/etc/{{ proxy }}/dstaddress.rules' - owner: '{{ proxy_user }}' - group: '{{ proxy_user }}' - mode: '0644' - - src: 'roles/network/templates/squid/iiab-httpcache.j2' - dest: '/usr/bin/iiab-httpcache' - owner: 'root' - group: 'root' - mode: '0755' + - src: roles/network/templates/squid/squid.sysconfig + dest: /etc/sysconfig/squid + owner: root + group: root + mode: 0755 + - src: roles/network/templates/squid/sites.whitelist.txt + dest: /etc/{{ proxy }}/sites.whitelist.txt + owner: {{ proxy_user }} + group: {{ proxy_user }} + mode: 0644 + - src: roles/network/templates/squid/allowregex.rules + dest: /etc/{{ proxy }}/allowregex.rules + owner: {{ proxy_user }} + group: {{ proxy_user }} + mode: 0644 + - src: roles/network/templates/squid/denyregex.rules + dest: /etc/{{ proxy }}/denyregex.rules + owner: {{ proxy_user }} + group: {{ proxy_user }} + mode: 0644 + - src: roles/network/templates/squid/dstaddress.rules + dest: /etc/{{ proxy }}/dstaddress.rules + owner: {{ proxy_user }} + group: {{ proxy_user }} + mode: 0644 + - src: roles/network/templates/squid/iiab-httpcache.j2 + dest: /usr/bin/iiab-httpcache + owner: root + group: root + mode: 0755 - name: Create Squid cache directory file: @@ -85,7 +85,7 @@ - name: Add 'squid' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: {{ proxy }} + section: squid option: "{{ item.option }}" value: "{{ item.value }}" with_items: From 2a4b5fdb212fa4ffec31c89befe7c09c368e94e9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:04:39 -0500 Subject: [PATCH 42/49] Update squid.yml --- roles/network/tasks/squid.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 9d5bd9374..d9241d546 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -38,24 +38,24 @@ group: root mode: 0755 - src: roles/network/templates/squid/sites.whitelist.txt - dest: /etc/{{ proxy }}/sites.whitelist.txt - owner: {{ proxy_user }} - group: {{ proxy_user }} + dest: "/etc/{{ proxy }}/sites.whitelist.txt" + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" mode: 0644 - src: roles/network/templates/squid/allowregex.rules - dest: /etc/{{ proxy }}/allowregex.rules - owner: {{ proxy_user }} - group: {{ proxy_user }} + dest: "/etc/{{ proxy }}/allowregex.rules" + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" mode: 0644 - src: roles/network/templates/squid/denyregex.rules - dest: /etc/{{ proxy }}/denyregex.rules - owner: {{ proxy_user }} - group: {{ proxy_user }} + dest: "/etc/{{ proxy }}/denyregex.rules" + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" mode: 0644 - src: roles/network/templates/squid/dstaddress.rules - dest: /etc/{{ proxy }}/dstaddress.rules - owner: {{ proxy_user }} - group: {{ proxy_user }} + dest: "/etc/{{ proxy }}/dstaddress.rules" + owner: "{{ proxy_user }}" + group: "{{ proxy_user }}" mode: 0644 - src: roles/network/templates/squid/iiab-httpcache.j2 dest: /usr/bin/iiab-httpcache From 46470e75bff37814a468a9717056ce0cd0e049f9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:08:14 -0500 Subject: [PATCH 43/49] Update squid.yml --- roles/network/tasks/squid.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index d9241d546..79b128fad 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -82,10 +82,11 @@ - include_tasks: roles/network/tasks/dansguardian.yml when: dansguardian_install -- name: Add 'squid' to list of services at /etc/iiab/iiab.ini +# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8 +- name: Add '{{ proxy }}' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: squid + section: "{{ proxy }}" option: "{{ item.option }}" value: "{{ item.value }}" with_items: From 4f9be5eba05f8967b1c07b34bcee4965d6f1f684 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:18:55 -0500 Subject: [PATCH 44/49] Update squid.yml --- roles/network/tasks/squid.yml | 60 +++++++++++++++++------------------ 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/roles/network/tasks/squid.yml b/roles/network/tasks/squid.yml index 79b128fad..f3eb59421 100644 --- a/roles/network/tasks/squid.yml +++ b/roles/network/tasks/squid.yml @@ -32,36 +32,36 @@ group: "{{ item.group }}" mode: "{{ item.mode }}" with_items: - - src: roles/network/templates/squid/squid.sysconfig - dest: /etc/sysconfig/squid - owner: root - group: root - mode: 0755 - - src: roles/network/templates/squid/sites.whitelist.txt - dest: "/etc/{{ proxy }}/sites.whitelist.txt" - owner: "{{ proxy_user }}" - group: "{{ proxy_user }}" - mode: 0644 - - src: roles/network/templates/squid/allowregex.rules - dest: "/etc/{{ proxy }}/allowregex.rules" - owner: "{{ proxy_user }}" - group: "{{ proxy_user }}" - mode: 0644 - - src: roles/network/templates/squid/denyregex.rules - dest: "/etc/{{ proxy }}/denyregex.rules" - owner: "{{ proxy_user }}" - group: "{{ proxy_user }}" - mode: 0644 - - src: roles/network/templates/squid/dstaddress.rules - dest: "/etc/{{ proxy }}/dstaddress.rules" - owner: "{{ proxy_user }}" - group: "{{ proxy_user }}" - mode: 0644 - - src: roles/network/templates/squid/iiab-httpcache.j2 - dest: /usr/bin/iiab-httpcache - owner: root - group: root - mode: 0755 + - src: 'roles/network/templates/squid/squid.sysconfig' + dest: '/etc/sysconfig/squid' + owner: 'root' + group: 'root' + mode: '0755' + - src: 'roles/network/templates/squid/sites.whitelist.txt' + dest: '/etc/{{ proxy }}/sites.whitelist.txt' + owner: '{{ proxy_user }}' + group: '{{ proxy_user }}' + mode: '0644' + - src: 'roles/network/templates/squid/allowregex.rules' + dest: '/etc/{{ proxy }}/allowregex.rules' + owner: '{{ proxy_user }}' + group: '{{ proxy_user }}' + mode: '0644' + - src: 'roles/network/templates/squid/denyregex.rules' + dest: '/etc/{{ proxy }}/denyregex.rules' + owner: '{{ proxy_user }}' + group: '{{ proxy_user }}' + mode: '0644' + - src: 'roles/network/templates/squid/dstaddress.rules' + dest: '/etc/{{ proxy }}/dstaddress.rules' + owner: '{{ proxy_user }}' + group: '{{ proxy_user }}' + mode: '0644' + - src: 'roles/network/templates/squid/iiab-httpcache.j2' + dest: '/usr/bin/iiab-httpcache' + owner: 'root' + group: 'root' + mode: '0755' - name: Create Squid cache directory file: From 9161a17ef2d4fe003964526e14eb890e192a2513 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:26:40 -0500 Subject: [PATCH 45/49] Update kiwix_install.yml --- roles/kiwix/tasks/kiwix_install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/kiwix/tasks/kiwix_install.yml b/roles/kiwix/tasks/kiwix_install.yml index 1a81ac77f..e1bf5a52f 100644 --- a/roles/kiwix/tasks/kiwix_install.yml +++ b/roles/kiwix/tasks/kiwix_install.yml @@ -156,15 +156,15 @@ # 5. FINALIZE -- name: Add 'kiwix-serve' to list of services at /etc/iiab/iiab.ini +- name: Add 'kiwix' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section: kiwix-serve + section: kiwix option: "{{ item.option }}" value: "{{ item.value }}" with_items: - option: name - value: kiwix-serve + value: Kiwix - option: description value: '"Part of https://github.com/kiwix/kiwix-tools/ - kiwix-serve is the most used web server for ZIM files."' - option: kiwix_url From 09808e1e8bef0cdf28c5854f5fd30a3305ce6e5b Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:35:49 -0500 Subject: [PATCH 46/49] Update main.yml --- roles/mysql/tasks/main.yml | 93 +++++++++++++++++++++++++------------- 1 file changed, 61 insertions(+), 32 deletions(-) diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml index 7fec93eb9..02f879cd1 100644 --- a/roles/mysql/tasks/main.yml +++ b/roles/mysql/tasks/main.yml @@ -1,6 +1,7 @@ - name: Install MySQL (debuntu) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - mariadb-server - mariadb-client @@ -18,17 +19,22 @@ tags: - download - - name: php-xml for 'ubuntu' and 'debian-9' - package: name=php{{ php_version }}-xml state=present + - name: php-xml (ubuntu or debian_9) + package: + name: "php{{ php_version }}-xml" + state: present when: is_ubuntu or is_debian_9 - - name: php-xml for 'debian-8' - package: name=php-xml-parser state=present + - name: php-xml (debian_8) + package: + name: "php-xml-parser" + state: present when: is_debian_8 - name: Install MySQL (OS's other than debuntu) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - MySQL-python - mysql @@ -57,29 +63,43 @@ # Name of mysql service varies by OS so softcoded in 1-prep - name: Start the MySQL service - service: name={{ mysql_service }} - state=started + service: + name: "{{ mysql_service }}" + state: started - name: Enable the MySQL service - service: name={{ mysql_service }} - enabled=yes + service: + name: "{{ mysql_service }}" + enabled: yes when: mysql_enabled # 'localhost' needs to be the last item for idempotency, see # http://ansible.cc/docs/modules.html#mysql-user # unfortunately it still doesn't work - name: Update MySQL root password for localhost root accounts - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT + mysql_user: + name: root + host: "{{ item }}" + password: "{{ mysql_root_password }}" + priv: "*.*:ALL,GRANT" with_items: - localhost when: mysql_enabled - name: Copy .my.cnf file with root password credentials - template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 + template: + src: my.cnf.j2 + dest: /root/.my.cnf + owner: root + mode: 0600 when: mysql_enabled - name: Update MySQL root password for all remaining root accounts - mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT + mysql_user: + name: root + host: "{{ item }}" + password: "{{ mysql_root_password }}" + priv: "*.*:ALL,GRANT" with_items: # - "{{ iiab_hostname }}.{{ iiab_domain }}" - 127.0.0.1 @@ -87,33 +107,42 @@ when: mysql_enabled - name: Delete anonymous MySQL server user for {{ ansible_hostname }} - mysql_user: user="" host="{{ ansible_hostname }}" state="absent" + mysql_user: + user: "" + host: "{{ ansible_hostname }}" + state: absent when: mysql_enabled - name: Delete anonymous MySQL server user for localhost - mysql_user: user="" state="absent" + mysql_user: + user: "" + state: absent when: mysql_enabled - name: Remove the MySQL test database - mysql_db: db=test state=absent + mysql_db: + db: test + state: absent when: mysql_enabled # we had to start mysql in order to configure it, now turn if off if not enabled - name: Provisionally Disable the MySQL service - service: name={{ mysql_service }} - enabled=no - state=stopped + service: + name: "{{ mysql_service }}" + enabled: no + state: stopped when: not mysql_enabled - - name: Add 'mysql' to service list - ini_file: dest='{{ service_filelist }}' - section=mysql - option='{{ item.option }}' - value='{{ item.value }}' + - name: Add 'mysql' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: mysql + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - - option: name - value: mysql-database - - option: description - value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."' - - option: enabled - value: "{{ mysql_enabled }}" + - option: name + value: MySQL + - option: description + value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."' + - option: enabled + value: "{{ mysql_enabled }}" From f1c049a6e19ae14070081150e489cfa2483d8a1d Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:49:41 -0500 Subject: [PATCH 47/49] Update main.yml --- roles/elgg/tasks/main.yml | 135 +++++++++++++++++++++++--------------- 1 file changed, 83 insertions(+), 52 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index 975797857..cc2e80314 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -3,11 +3,13 @@ - name: Download current version from our site shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }} - creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip + args: + creates: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip" when: internet_available - name: Determine if software is already expanded - stat: path=/opt/elgg-{{ elgg_version }}/index.php + stat: + path: "/opt/elgg-{{ elgg_version }}/index.php" register: elgg # use unzip and shell until unarchive works again @@ -19,106 +21,133 @@ when: elgg.stat.exists is defined and not elgg.stat.exists - name: Create a link to the versioned elgg-* folder - file: src=./elgg-{{ elgg_version }} - dest=/opt/elgg - owner={{ apache_user }} - group={{ apache_user }} - state=link - force=true + file: + src: "./elgg-{{ elgg_version }}" + dest: /opt/elgg + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + state: link + force: true # use template to fix up settings in engine/settings.php with our variables substituted # into engine/settings.example.php # note this will overwrite any manual settings - name: Substitute our parameters in engine/settings.example.php - template: src="settings.php.j2" - dest="/opt/{{ elgg_xx }}/elgg-config/settings.php" - owner={{ apache_user }} - group={{ apache_user }} + template: + src: "settings.php.j2" + dest: "/opt/{{ elgg_xx }}/elgg-config/settings.php" + owner: "{{ apache_user }}" + group: "{{ apache_user }}" # The name of this file changed from 1.9 to 1.10. - name: Copy default .htaccess to the root directory of Elgg tree - copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" - dest="/opt/{{ elgg_xx }}/.htaccess" - mode=0644 - owner={{ apache_user }} - group={{ apache_user }} + copy: + src: "/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist" + dest: "/opt/{{ elgg_xx }}/.htaccess" + mode: 0644 + owner: "{{ apache_user }}" + group: "{{ apache_user }}" #regexp='^#RewriteBase' - name: Modify .htaccess to have RewriteBase as our directory - lineinfile: backup=no - dest="/opt/{{ elgg_xx }}/.htaccess" - state=present - insertafter='^#RewriteBase' - line="RewriteBase {{ elgg_url }}/" + lineinfile: + backup: no + dest: "/opt/{{ elgg_xx }}/.htaccess" + state: present + insertafter: '^#RewriteBase' + line: "RewriteBase {{ elgg_url }}/" - name: Change permissions on engine directory so Apache can write - file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory + file: + path: /opt/elgg/engine/ + owner: "{{ apache_user }}" + mode: 0755 + state: directory - name: Create an upload directory that Apache can write in or Elgg - file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }} + file: + path: "{{ elgg_upload_path }}" + state: directory + owner: "{{ apache_user }}" - name: Change ownership - file: path=/opt/elgg-{{ elgg_version }} - owner={{ apache_user }} - group={{ apache_user }} - recurse=yes - state=directory + file: + path: "/opt/elgg-{{ elgg_version }}" + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + recurse: yes + state: directory - name: Create a MySQL database for Elgg - can be run more than once - mysql_db: name={{ dbname }} + mysql_db: + name: "{{ dbname }}" register: create_elgg_database - name: Create a user to access the Elgg database - can be run more than once - mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL + mysql_user: + name: "{{ dbuser }}" + host: "{{ item }}" + password: "{{ dbpassword }}" + priv: "{{ dbname }}.*:ALL" with_items: - 127.0.0.1 - ::1 - localhost - name: Create file to load database - template: src=elggdb.sql.j2 - dest=/tmp/elggdb.sql + template: + src: "elggdb.sql.j2" + dest: "/tmp/elggdb.sql" # elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql # tar up a mysqldump of freshly installed database and use it in the install to avoid the startup # form, which worries me a lot. (/var/lib/mysql/elggdb) - name: Load Elgg database dump - mysql_db: name={{ dbname }} - state=import - target=/tmp/elggdb.sql + mysql_db: + name: "{{ dbname }}" + state: import + target: /tmp/elggdb.sql when: create_elgg_database.changed - name: Remove database dump after load - file: name=/tmp/elggdb.sql state=absent + file: + name: /tmp/elggdb.sql + state: absent - name: Install config file for Elgg in Apache - template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf + template: + src: elgg.conf + dest: "/etc/{{ apache_config_dir }}/elgg.conf" - name: Enable Elgg for debuntu (will already be enabled above for redhat) - file: path=/etc/apache2/sites-enabled/elgg.conf - src=/etc/apache2/sites-available/elgg.conf - state=link + file: + src: /etc/apache2/sites-available/elgg.conf + dest: /etc/apache2/sites-enabled/elgg.conf + state: link when: elgg_enabled and is_debuntu - name: Disable Elgg - remove config file for Elgg in Apache (debuntu) - file: path=/etc/apache2/sites-enabled/elgg.conf - state=absent + file: + path: /etc/apache2/sites-enabled/elgg.conf + state: absent when: not elgg_enabled and is_debuntu - name: Disable Elgg - remove config file for Elgg in Apache (redhat) - file: dest=/etc/{{ apache_config_dir }}/elgg.conf - state=absent + file: + dest: "/etc/{{ apache_config_dir }}/elgg.conf" + state: absent when: not elgg_enabled and is_redhat -- name: Add 'elgg' to service list - ini_file: dest='{{ service_filelist }}' - section=elgg - option='{{ item.option }}' - value='{{ item.value }}' +- name: Add 'elgg' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section=elgg + option: "{{ item.option }}" + value= "{{ item.value }}" with_items: - option: name - value: elgg-social-netwoking + value: Elgg - option: description value: '"Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications."' - option: path @@ -127,4 +156,6 @@ value: "{{ elgg_enabled }}" - name: Restart Apache, so it picks up the new aliases - service: name={{ apache_service }} state=restarted + service: + name: "{{ apache_service }}" + state: restarted From 3ca4ef859951813721f6b191961f19bb3b1b6257 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 06:58:15 -0500 Subject: [PATCH 48/49] Update main.yml --- roles/cups/tasks/main.yml | 69 ++++++++++++++++++++++----------------- 1 file changed, 39 insertions(+), 30 deletions(-) diff --git a/roles/cups/tasks/main.yml b/roles/cups/tasks/main.yml index 111b5098e..d765c4908 100644 --- a/roles/cups/tasks/main.yml +++ b/roles/cups/tasks/main.yml @@ -1,40 +1,46 @@ # administer this service by browsing to localhost:631 - name: Get the CUPS package installed - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - cups when: cups_install tags: - download -- name: Put our own config file in place, to permit local LAN admin - template: dest=/etc/cups/cupsd.conf - src=cupsd.conf +- name: Put our own /etc/cups/cupsd.conf in place, to permit local LAN admin + template: + src: cupsd.conf + dest: /etc/cups/cupsd.conf - name: Put an apache2 config file in place - template: dest=/etc/{{ apache_config_dir }}/ - src=cups.conf + template: + src: cups.conf + dest: "/etc/{{ apache_config_dir }}/" -- name: Create the link for sites-enabled - file: src=/etc/apache2/sites-available/cups.conf - dest=/etc/apache2/sites-enabled/cups.conf - state=link +- name: Create the link for sites-enabled (debuntu) + file: + src: /etc/apache2/sites-available/cups.conf + dest: /etc/apache2/sites-enabled/cups.conf + state: link when: cups_enabled and is_debuntu - name: Enable services for CUPS (OS's other than Fedora 18) - service: name={{ item }} - state=started - enabled=yes + service: + name: "{{ item }}" + state: started + enabled: yes with_items: - cups - cups-browsed when: cups_enabled and not is_F18 - name: Enable services for CUPS (Fedora 18, for XO laptops) - service: name=cups - state=started - enabled=yes + service: + name: cups + state: started + enabled: yes when: cups_enabled and is_F18 - name: Permit headless admin of CUPS -- only works when CUPS daemon is running @@ -42,30 +48,33 @@ when: cups_enabled - name: Disable services for CUPS (OS's other than Fedora 18) - service: name={{ item }} - state=stopped - enabled=no + service: + name: "{{ item }}" + state: stopped + enabled: no with_items: - cups - cups-browsed when: not cups_enabled and not is_F18 - name: Disable services for CUPS (Fedora 18, for XO laptops) - service: name=cups - state=stopped - enabled=no + service: + name: cups + state: stopped + enabled: no when: not cups_enabled and is_F18 -- name: Add 'cups' to service list - ini_file: dest={{ service_filelist }} - section=cups - option={{ item.option }} - value={{ item.value }} +- name: Add 'cups' to list of services at /etc/iiab/iiab.ini + ini_file: + dest: "{{ service_filelist }}" + section: cups + option: "{{ item.option }}" + value: "{{ item.value }}" with_items: - option: name - value: '"Common UNIX Printing System (CUPS)"' + value: CUPS - option: description - value: '"CUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' + value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."' - option: installed value: "{{ cups_install }}" - option: enabled From 05a6cff2822fe120d26c57c4d2a0310057118584 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 8 Dec 2017 07:00:54 -0500 Subject: [PATCH 49/49] Update main.yml --- roles/elgg/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/elgg/tasks/main.yml b/roles/elgg/tasks/main.yml index cc2e80314..54a257f4b 100644 --- a/roles/elgg/tasks/main.yml +++ b/roles/elgg/tasks/main.yml @@ -142,9 +142,9 @@ - name: Add 'elgg' to list of services at /etc/iiab/iiab.ini ini_file: dest: "{{ service_filelist }}" - section=elgg + section: elgg option: "{{ item.option }}" - value= "{{ item.value }}" + value: "{{ item.value }}" with_items: - option: name value: Elgg