Merge pull request #46 from iiab/master

sync from iiab/iiab
2025-02-15 04:32:11 +00:00 · 2017-12-08 13:09:44 -05:00 · 2017-12-08 13:09:44 -05:00 · eb1c7c1872
commit eb1c7c1872
parent a3fdf2ba01 e9bbe7169c
32 changed files with 999 additions and 727 deletions
--- a/roles/0-init/tasks/main.yml
+++ b/roles/0-init/tasks/main.yml
@ -1,7 +1,8 @@
 # Initialize
 - name: ...IS BEGINNING ============================================
-  stat: path=/etc/iiab/iiab.env
+  stat:
    path: /etc/iiab/iiab.env
  register: NewInstall
 - name: Setting first run flag
@ -18,32 +19,33 @@
 #- name: Loading computed_vars
 #  include_tasks: roles/0-init/tasks/computed_vars.yml
 - name: Re-read local_facts.facts from /etc/ansible/facts.d
-  setup: filter=ansible_local
+  setup:
    filter: ansible_local
 - name: Set top level variables from local facts for convenience
  set_fact:
-      xo_model: '{{ ansible_local.local_facts.xo_model }}'
+    xo_model: "{{ ansible_local.local_facts.xo_model }}"
-      phplib_dir: '{{ ansible_local.local_facts.phplib_dir }}'
+    phplib_dir: "{{ ansible_local.local_facts.phplib_dir }}"
-      iiab_stage: '{{ ansible_local.local_facts.stage }}'
+    iiab_stage: "{{ ansible_local.local_facts.stage }}"
 - name: Discover if this is running Raspbian -- if so assume it is a RPi
  set_fact:
-      rpi_model: "rpi"
+    rpi_model: "rpi"
-      is_rpi: True
+    is_rpi: True
 #      no_net_restart: True
 #      nobridge: True
  when: ansible_local.local_facts.os == "raspbian"
 - name: Set exFAT enabled for XO laptops
  set_fact:
-     exFAT_enabled: True
+    exFAT_enabled: True
  when: xo_model != "none"
 # Discover  do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
 - name: Finding gateway
  set_fact:
-      discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
+    discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
-      iiab_wan_iface: "{{ discovered_wan_iface }}"
+    iiab_wan_iface: "{{ discovered_wan_iface }}"
  when: ansible_default_ipv4.gateway is defined
 - name: Verify gateway present
@ -53,11 +55,14 @@
 - name: Recording gateway response
  set_fact:
-      gw_active: True
+    gw_active: True
  when: discovered_wan_iface != "none" and gw_active_test.stdout == "1"
 - name: Test for internet access
-  get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
+  get_url:
    url: "{{ iiab_download_url }}/heart-beat.txt"
    dest: /tmp/heart-beat.txt
    timeout: "{{ download_timeout }}"
  ignore_errors: True
 #  async: 10
 #  poll: 2
@ -65,12 +70,13 @@
 - name: Set internet_available true if wget succeeded
  set_fact:
-      internet_available: True
+    internet_available: True
  when: not internet_access_test|failed and not disregard_network
 - name: Cleanup internet test file
-  file: path=/tmp/heart-beat.txt
+  file:
-        state=absent
+    path: /tmp/heart-beat.txt
    state: absent
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
@ -146,19 +152,20 @@
 - name: Set FQDN
  set_fact:
-      iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
+    iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
-      FQDN_changed: False
+    FQDN_changed: False
 - name: FQDN changed
  set_fact:
-      FQDN_changed: True
+    FQDN_changed: True
  when: iiab_fqdn != ansible_fqdn
 - name: Add version section
-  ini_file: dest='{{ iiab_config_file }}'
+  ini_file:
-            section=runtime
+    dest: "{{ iiab_config_file }}"
-            option='{{ item.option }}'
+    section: runtime
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: 'iiab_stage'
      value: '{{ iiab_stage }}'
@ -202,10 +209,11 @@
  when: FQDN_changed
 - name: STAGE 0 HAS COMPLETED ======================================
-  ini_file: dest='{{ iiab_config_file }}'
+  ini_file:
-            section=runtime
+    dest: "{{ iiab_config_file }}"
-            option='{{ item.option }}'
+    section: runtime
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: 'is_VM'
      value:  'yes'
--- a/roles/1-prep/tasks/main.yml
+++ b/roles/1-prep/tasks/main.yml
@ -4,16 +4,20 @@
  command: echo
 - name: Get the uuidgen program
-  package: name=uuid-runtime
+  package:
-           state=present
+    name: uuid-runtime
    state: present
  when: is_debuntu
 - name: Test for /etc/iiab/uuid file
-  stat: path=/etc/iiab/uuid
+  stat:
    path: /etc/iiab/uuid
  register: uuid_file
 - name: Create folder to hold uuid
-  file: path=/etc/iiab state=directory
+  file:
    path: /etc/iiab
    state: directory
  when: not uuid_file.stat.exists
 - name: If no uuid exists, create one
@ -31,30 +35,36 @@
 - name: Get the value into a variable
  set_fact:
-      uuid={{ stored_uuid.stdout_lines[0] }}
+    uuid: "{{ stored_uuid.stdout_lines[0] }}"
 # for rpi, without rtc, we need time as soon as possible
 - name: Install chrony package
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
-   - chrony
+    - chrony
  tags:
    - download
 #TODO: Use regexp filter instead of hard-code ip
 - name: Update chrony config file
-  template: backup=no
+  template:
-            dest=/etc/chrony.conf
+    backup: no
-            src=chrony.conf.j2
+    dest: /etc/chrony.conf
    src: chrony.conf.j2
 - name: Disable AppArmor -- on by default in Ubuntu
-  service: name=apparmor enabled=False state=stopped
+  service:
    name: apparmor
    enabled: False
    state: stopped
  when: is_ubuntu
  ignore_errors: true
 - name: Disable SELinux on next boot
-  selinux: state=disabled
+  selinux:
    state: disabled
  register: selinux_disabled
  when: not is_debuntu
@ -68,19 +78,22 @@
  when: first_run and rpi_model != "none"
 - name: Check if the identifier for Intel's NUC6 builtin WiFi is present
-  shell: "lsusb | grep 8087:0a2b | wc |awk '{print $1}'"
+  shell: "lsusb | grep 8087:0a2b | wc | awk '{print $1}'"
  register: usb_NUC6
  ignore_errors: true
 - name: Download the firmware for built-in WiFi on NUC6
-  get_url: dest=/lib/firmware
+  get_url:
-           url={{ iiab_download_url }}/iwlwifi-8000C-13.ucode
+    url: "{{ iiab_download_url }}/iwlwifi-8000C-13.ucode"
-  when: usb_NUC6.stdout|int > 0
+    dest: /lib/firmware
    timeout: "{{ download_timeout }}"
  when: internet_available and usb_NUC6.stdout|int > 0
 # this script can be sourced to get IIAB location
 - name: Recording STAGE 1 HAS COMPLETED ============================
-  template: src=roles/1-prep/templates/iiab.env.j2
+  template:
-            dest=/etc/iiab/iiab.env
+    src: roles/1-prep/templates/iiab.env.j2
-            owner=root
+    dest: /etc/iiab/iiab.env
-            group=root
+    owner: root
-            mode=0644
+    group: root
    mode: 0644
--- a/roles/2-common/tasks/packages.yml
+++ b/roles/2-common/tasks/packages.yml
@ -1,31 +1,34 @@
 - name: Install yum packages (redhat)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
-   - yum-utils
+    - yum-utils
-   - createrepo
+    - createrepo
-   - wpa_supplicant
+    - wpa_supplicant
-   - linux-firmware
+    - linux-firmware
-   - syslog
+    - syslog
-   - xml-common
+    - xml-common
-   - nss-mdns
+    - nss-mdns
-   - avahi
+    - avahi
-   - avahi-tools
+    - avahi-tools
  when: is_redhat
- name: Download usbmount -- not in Debian Stretch (debian-9)
+- name: Download usbmount -- not in Debian Stretch (debian_9)
  get_url:
    url: "{{ iiab_download_url }}/usbmount_0.0.14.1_all.deb"
    dest: "{{ downloads_dir }}"
-  when: is_debian_9
+    timeout: "{{ download_timeout }}"
  when: internet_available and is_debian_9
- name: Install usbmount (debian-9)
+- name: Install usbmount (debian_9)
  command: apt install -y {{ downloads_dir }}/usbmount_0.0.14.1_all.deb
  when: is_debian_9
 - name: Install packages (debuntu)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - inetutils-syslogd
    - wpasupplicant
@ -37,35 +40,36 @@
  when: is_debuntu
 - name: Install common packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
-   - acpid
+    - acpid
-   - mlocate
+    - mlocate
-   - rsync
+    - rsync
-   - htop
+    - htop
-   - etckeeper
+    - etckeeper
-   - python-passlib
+    - python-passlib
-   - usbmount
+    - usbmount
-   - net-tools
+    - net-tools
-   - openssh-server
+    - openssh-server
-   - sudo
+    - sudo
-   - logrotate
+    - logrotate
-   - make
+    - make
-   - tar
+    - tar
-   - unzip
+    - unzip
-   - bzip2
+    - bzip2
-   - i2c-tools
+    - i2c-tools
-   - bridge-utils
+    - bridge-utils
-   - usbutils
+    - usbutils
-   - hostapd
+    - hostapd
-   - wget
+    - wget
-   - openssl   #FC 18 does not supply, but pear requires
+    - openssl   #FC 18 does not supply, but pear requires
-   - gawk
+    - gawk
-   - curl
+    - curl
-   - pandoc
+    - pandoc
-   - lynx
+    - lynx
-   - ntfs-3g
+    - ntfs-3g
 #- name: Install pip as a commonly required package management system
 #  command: curl https://bootstrap.pypa.io/get-pip.py -o {{ downloads_dir }}/get-pip.py
@ -74,12 +78,13 @@
 #  command: python {{ downloads_dir }}/get-pip.py
 - name: Install common Python packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
-   - python-pip
+    - python-pip
-   - python-setuptools
+    - python-setuptools
-   - python-virtualenv
+    - python-virtualenv
 # instructions state to start with a fully updated system before starting, stop using
 # ansible as a crutch for developers not following the directions and taking short-cuts
--- a/roles/2-common/tasks/xo.yml
+++ b/roles/2-common/tasks/xo.yml
@ -3,127 +3,147 @@
 - name: Disable sleep
  command: touch /etc/powerd/flags/inhibit-suspend
-           creates=/etc/powerd/flags/inhibit-suspend
+  args:
    creates: /etc/powerd/flags/inhibit-suspend
 - name: Disable sleep on lid closing
-  lineinfile: dest=/etc/powerd/powerd.conf
+  lineinfile:
-              regexp='^config_SLEEP_WHEN_LID_CLOSED'
+    dest: /etc/powerd/powerd.conf
-              line='config_SLEEP_WHEN_LID_CLOSED="no"'
+    regexp: '^config_SLEEP_WHEN_LID_CLOSED'
-              state=present
+    line: 'config_SLEEP_WHEN_LID_CLOSED="no"'
-              backup=yes
+    state: present
    backup: yes
 - name: Keep yum cache
-  ini_file: dest=/etc/yum.conf
+  ini_file:
-            section=main
+    dest: /etc/yum.conf
-            option=keepcache
+    section: main
-            value=1
+    option: keepcache
    value: 1
  when: not installing
 - name: Keep docs when installing packages
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/rpm/macros.imgcreate
+    backup: yes
-              regexp='^%_excludedocs'
+    dest: /etc/rpm/macros.imgcreate
-              state=absent
+    regexp: '^%_excludedocs'
    state: absent
 - name: Pre-install packages
-  package: name={{ item }}
+  package:
-           state=latest
+    name: "{{ item }}"
    state: latest
  with_items:
-   - usbmount
+    - usbmount
-   - man
+    - man
-   - man-db
+    - man-db
-   - man-pages
+    - man-pages
 - name: Re-install packages
  shell: yum -y reinstall sed libidn grep which util-linux wget gnupg2 groff gnash yum
  when: not osbuilder is defined
 - name: Configure networkmanager plugin
-  ini_file: dest=/etc/NetworkManager/NetworkManager.conf
+  ini_file:
-            section=main
+    dest: /etc/NetworkManager/NetworkManager.conf
-            option=plugins
+    section: main
-            value=ifcfg-rh,keyfile
+    option: plugins
    value: ifcfg-rh,keyfile
 - name: Check for modem config file
-  stat: path=/etc/NetworkManager/system-connections/"Sugar Modem Connection"
+  stat:
    path: /etc/NetworkManager/system-connections/"Sugar Modem Connection"
  register: config
 - name: Change failure and interval settings for modem connection
-  ini_file: dest=/etc/NetworkManager/system-connections/"Sugar Modem Connection"
+  ini_file:
-            section=ppp
+    dest: /etc/NetworkManager/system-connections/"Sugar Modem Connection"
-            option={{ item.option }}
+    section: ppp
-            value={{ item.value }}
+    option: "{{ item.option }}"
-            backup=yes
+    value: "{{ item.value }}"
-            mode=0600
+    backup: yes
    mode: 0600
  with_items:
-     - { option: 'lcp-echo-failure', value: '5' }
+    - { option: 'lcp-echo-failure', value: '5' }
-     - { option: 'lcp-echo-interval', value: '30' }
+    - { option: 'lcp-echo-interval', value: '30' }
  when: config.stat.exists
 - name: Create bigger rwtab
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/sysconfig/readonly-root
+    backup: yes
-              regexp='^RW_OPTIONS'
+    dest: /etc/sysconfig/readonly-root
-              line='RW_OPTIONS="-o size=4M -o nr_inodes=2048"'
+    regexp: '^RW_OPTIONS'
-              state=present
+    line: 'RW_OPTIONS="-o size=4M -o nr_inodes=2048"'
    state: present
 - name: Remove dhcpd entry from /etc/rwtab
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/rwtab
+    backup: yes
-              regexp='^empty.*/var/lib/dhcpd'
+    dest: /etc/rwtab
-              state=absent
+    regexp: '^empty.*/var/lib/dhcpd'
    state: absent
 - name: Remove php entry from /etc/rwtab
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/rwtab
+    backup: yes
-              regexp='^empty.*/var/lib/php'
+    dest: /etc/rwtab
-              state=absent
+    regexp: '^empty.*/var/lib/php'
    state: absent
 - name: Persist /etc/hosts between reboots
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/statetab.d/olpc
+    backup: yes
-              regexp='^/etc/hosts'
+    dest: /etc/statetab.d/olpc
-              state=absent
+    regexp: '^/etc/hosts'
    state: absent
 - name: Disable /var/log tmpfs
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/fstab
+    backup: yes
-              regexp='^varlog.*'
+    dest: /etc/fstab
-              state=absent
+    regexp: '^varlog.*'
    state: absent
 - name: Enlarge the /tmp directory so that url_get does not error out
-  lineinfile: backup=yes
+  lineinfile:
-              dest=/etc/fstab
+    backup: yes
-              regexp='^/tmp*'
+    dest: /etc/fstab
-              line='/tmp            /tmp            tmpfs         rw,size=600m 0 0'
+    regexp: '^/tmp*'
    line: '/tmp            /tmp            tmpfs         rw,size=600m 0 0'
 - name: Disable graphical login
-  file: path=/etc/systemd/system/default.target
+  file:
-        src=/lib/systemd/system/multi-user.target
+    src: /lib/systemd/system/multi-user.target
-        state=link
+    dest: /etc/systemd/system/default.target
    state: link
  register: disabled_login
 - name: Remove custom profile settings
-  file: path=/etc/profile.d/zzz_olpc.sh
+  file:
-        state=absent
+    path: /etc/profile.d/zzz_olpc.sh
    state: absent
 - name: Download substitute software for i386 on FC18 XO1.5
-  get_url: url="{{ iiab_download_url }}/{{ item }}"  dest={{ downloads_dir }}/{{ item }}
+  get_url:
    url: "{{ iiab_download_url }}/{{ item }}"
    dest: "{{ downloads_dir }}/{{ item }}"
    timeout: "{{ download_timeout }}"
  with_items:
-     - hostapd_8188_i386
+    - hostapd_8188_i386
-  when: wifi_id  ==  "tplink_WM725M" and xo_model == "XO-1.5"  and internet_available
+  when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5" and internet_available
  tags:
    - xo
 - name: Put the substitute in place
-  copy: src={{ downloads_dir }}/hostapd_8188_i386
+  copy:
-        dest=/usr/sbin/hostapd
+    src: "{{ downloads_dir }}/hostapd_8188_i386"
-        backup=yes
+    dest: /usr/sbin/hostapd
-        mode=0775
+    backup: yes
-        owner=root
+    mode: 0775
-        group=root
+    owner: root
-  when: wifi_id  ==  "tplink_WM725M" and xo_model == "XO-1.5"
+    group: root
  when: wifi_id == "tplink_WM725M" and xo_model == "XO-1.5"
 - name: Reboot system
  command: /sbin/reboot
--- a/roles/awstats/tasks/main.yml
+++ b/roles/awstats/tasks/main.yml
@ -1,14 +1,14 @@
 - include_tasks: install.yml
  when: awstats_install
- name: Add AWStats to service list
+- name: Add 'awstats' to list of services at /etc/iiab/iiab.ini
  ini_file: dest='{{ service_filelist }}'
            section=awstats
            option='{{ item.option }}'
            value='{{ item.value }}'
  with_items:
    - option: name
-      value: awstats
+      value: AWStats
    - option: description
      value: '"AWStats (originally known as Advanced Web Statistics) is a package written in Perl which generates static or dynamic html summaries based upon web server logs."'
    - option: installed
--- a/roles/calibre/tasks/create-db.yml
+++ b/roles/calibre/tasks/create-db.yml
@ -13,6 +13,7 @@
  get_url:
    url: "{{ iiab_download_url }}/{{ calibre_sample_book }}"
    dest: "{{ content_base }}/downloads"
    timeout: "{{ download_timeout }}"
  when: internet_available and not sample_bk.stat.exists
 - name: Check if sample book exists in /opt/iiab/downloads
--- a/roles/calibre/tasks/py-installer.yml
+++ b/roles/calibre/tasks/py-installer.yml
@ -8,6 +8,7 @@
    mode: 0755
    force: yes
    backup: yes
    timeout: "{{ download_timeout }}"
  register: calibre_download_output
  when: internet_available
--- a/roles/cups/tasks/main.yml
+++ b/roles/cups/tasks/main.yml
@ -1,40 +1,46 @@
 # administer this service by browsing to localhost:631
 - name: Get the CUPS package installed
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - cups
  when: cups_install
  tags:
    - download
- name: Put our own config file in place, to permit local LAN admin
+- name: Put our own /etc/cups/cupsd.conf in place, to permit local LAN admin
-  template: dest=/etc/cups/cupsd.conf
+  template:
-            src=cupsd.conf
+    src: cupsd.conf
    dest: /etc/cups/cupsd.conf
 - name: Put an apache2 config file in place
-  template: dest=/etc/{{ apache_config_dir }}/
+  template:
-            src=cups.conf
+    src: cups.conf
    dest: "/etc/{{ apache_config_dir }}/"
- name: Create the link for sites-enabled
+- name: Create the link for sites-enabled (debuntu)
-  file: src=/etc/apache2/sites-available/cups.conf
+  file:
-        dest=/etc/apache2/sites-enabled/cups.conf
+    src: /etc/apache2/sites-available/cups.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/cups.conf
    state: link
  when: cups_enabled and is_debuntu
 - name: Enable services for CUPS (OS's other than Fedora 18)
-  service: name={{ item }}
+  service:
-           state=started
+    name: "{{ item }}"
-           enabled=yes
+    state: started
    enabled: yes
  with_items:
    - cups
    - cups-browsed
  when: cups_enabled and not is_F18
 - name: Enable services for CUPS (Fedora 18, for XO laptops)
-  service: name=cups
+  service:
-           state=started
+    name: cups
-           enabled=yes
+    state: started
    enabled: yes
  when: cups_enabled and is_F18
 - name: Permit headless admin of CUPS -- only works when CUPS daemon is running
@ -42,30 +48,33 @@
  when: cups_enabled
 - name: Disable services for CUPS (OS's other than Fedora 18)
-  service: name={{ item }}
+  service:
-          state=stopped
+    name: "{{ item }}"
-          enabled=no
+    state: stopped
    enabled: no
  with_items:
    - cups
    - cups-browsed
  when: not cups_enabled and not is_F18
 - name: Disable services for CUPS (Fedora 18, for XO laptops)
-  service: name=cups
+  service:
-           state=stopped
+    name: cups
-           enabled=no
+    state: stopped
    enabled: no
  when: not cups_enabled and is_F18
- name: Add 'cups' to service list
+- name: Add 'cups' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest={{ service_filelist }}
+  ini_file:
-            section=cups
+    dest: "{{ service_filelist }}"
-            option={{ item.option }}
+    section: cups
-            value={{ item.value }}
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: '"Common UNIX Printing System (CUPS)"'
+      value: CUPS
    - option: description
-      value: '"CUPS is a modular printing system  which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."'
+      value: '"CUPS (Common UNIX Printing System) is a modular printing system that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer."'
    - option: installed
      value: "{{ cups_install }}"
    - option: enabled
--- a/roles/dokuwiki/tasks/install.yml
+++ b/roles/dokuwiki/tasks/install.yml
@ -1,31 +1,48 @@
- name: Get the DokuWiki software
+- name: Download DokuWiki software
-  get_url: url="{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz"  dest={{ downloads_dir }}/
+  get_url:
    url: "{{ iiab_download_url }}/{{ dokuwiki_version }}.tgz"
    dest: "{{ downloads_dir }}/"
    timeout: "{{ download_timeout }}"
  when: internet_available
 - name: Copy it to permanent location /library
-  unarchive: src={{ downloads_dir }}/{{ dokuwiki_version }}.tgz  dest=/library creates=/library/{{ dokuwiki_version }}/VERSION
+  unarchive:
    src: "{{ downloads_dir }}/{{ dokuwiki_version }}.tgz"
    dest: /library
    creates: "/library/{{ dokuwiki_version }}/VERSION"
 - name: Symlink /library/dokuwiki* to /library/dokuwiki
  shell: if [ ! -d /library/dokuwiki ]; then ln -sf /library/{{ dokuwiki_version }} /library/dokuwiki; fi
 - name: Install config file for DokuWiki in Apache
-  template: src=dokuwiki.conf.j2 dest=/etc/{{ apache_config_dir }}/dokuwiki.conf
+  template:
    src: dokuwiki.conf.j2
    dest: "/etc/{{ apache_config_dir }}/dokuwiki.conf"
  when: dokuwiki_enabled
- name: Enable the DokuWiki
+- name: Enable the DokuWiki (debuntu)
-  file: path=/etc/apache2/sites-enabled/dokuwiki.conf
+  file:
-        src=/etc/apache2/sites-available/dokuwiki.conf
+    src: /etc/apache2/sites-available/dokuwiki.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/dokuwiki.conf
    state: link
  when: dokuwiki_enabled and is_debuntu
- name: Disable the DokuWiki
+- name: Disable the DokuWiki (debuntu)
-  file: path=/etc/apache2/sites-enabled/dokuwiki.conf
+  file:
-        state=absent
+    path: /etc/apache2/sites-enabled/dokuwiki.conf
    state: absent
  when: not dokuwiki_enabled and is_debuntu
 - name: Change permissions on engine directory so Apache can write
-  file: path=/library/{{ dokuwiki_version }} owner={{ apache_user }} mode=0755 state=directory recurse=yes
+  file:
    path: "/library/{{ dokuwiki_version }}"
    owner: "{{ apache_user }}"
    mode: 0755
    state: directory
    recurse: yes
 - name: Restart Apache, so it picks up the new aliases
-  service: name={{ apache_service }} state=restarted
+  service:
    name: "{{ apache_service }}"
    state: restarted
--- a/roles/dokuwiki/tasks/main.yml
+++ b/roles/dokuwiki/tasks/main.yml
@ -1,15 +1,16 @@
- name: Include the install playbook
+- name: Install DokuWiki
  include_tasks: install.yml
  when: dokuwiki_install
- name: Add DokuWiki to service list
+- name: Add 'dokuwiki' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=dokuwiki
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: dokuwiki
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: dokuwiki
+      value: DokuWiki
    - option: description
      value: '"DokuWiki is a simple to use and highly versatile Open Source wiki software that does not require a database."'
    - option: installed
--- a/roles/elgg/tasks/main.yml
+++ b/roles/elgg/tasks/main.yml
@ -3,11 +3,13 @@
 - name: Download current version from our site
  shell: wget {{ iiab_download_url }}/elgg-{{ elgg_version }}.zip -c -P {{ downloads_dir }}
-         creates={{ downloads_dir }}/elgg-{{ elgg_version }}.zip
+  args:
    creates: "{{ downloads_dir }}/elgg-{{ elgg_version }}.zip"
  when: internet_available
 - name: Determine if software is already expanded
-  stat: path=/opt/elgg-{{ elgg_version }}/index.php
+  stat:
    path: "/opt/elgg-{{ elgg_version }}/index.php"
  register: elgg
 # use unzip and shell until unarchive works again
@ -19,106 +21,133 @@
  when: elgg.stat.exists is defined and not elgg.stat.exists
 - name: Create a link to the versioned elgg-* folder
-  file: src=./elgg-{{ elgg_version }}
+  file:
-        dest=/opt/elgg
+    src: "./elgg-{{ elgg_version }}"
-        owner={{ apache_user }}
+    dest: /opt/elgg
-        group={{ apache_user }}
+    owner: "{{ apache_user }}"
-        state=link
+    group: "{{ apache_user }}"
-        force=true
+    state: link
    force: true
 # use template to fix up settings in engine/settings.php with our variables substituted
 # into engine/settings.example.php
 # note this will overwrite any manual settings
 - name: Substitute our parameters in engine/settings.example.php
-  template: src="settings.php.j2"
+  template:
-            dest="/opt/{{ elgg_xx }}/elgg-config/settings.php"
+    src: "settings.php.j2"
-            owner={{ apache_user }}
+    dest: "/opt/{{ elgg_xx }}/elgg-config/settings.php"
-            group={{ apache_user }}
+    owner: "{{ apache_user }}"
    group: "{{ apache_user }}"
 # The name of this file changed from 1.9 to 1.10.
 - name: Copy default .htaccess to the root directory of Elgg tree
-  copy: src="/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
+  copy:
-        dest="/opt/{{ elgg_xx }}/.htaccess"
+    src: "/opt/{{ elgg_xx }}/vendor/elgg/elgg/install/config/htaccess.dist"
-        mode=0644
+    dest: "/opt/{{ elgg_xx }}/.htaccess"
-        owner={{ apache_user }}
+    mode: 0644
-        group={{ apache_user }}
+    owner: "{{ apache_user }}"
    group: "{{ apache_user }}"
 #regexp='^#RewriteBase'
 - name: Modify .htaccess to have RewriteBase as our directory
-  lineinfile: backup=no
+  lineinfile:
-              dest="/opt/{{ elgg_xx }}/.htaccess"
+    backup: no
-              state=present
+    dest: "/opt/{{ elgg_xx }}/.htaccess"
-              insertafter='^#RewriteBase'
+    state: present
-              line="RewriteBase {{ elgg_url }}/"
+    insertafter: '^#RewriteBase'
    line: "RewriteBase {{ elgg_url }}/"
 - name: Change permissions on engine directory so Apache can write
-  file: path=/opt/elgg/engine/ owner={{ apache_user }} mode=0755 state=directory
+  file:
    path: /opt/elgg/engine/
    owner: "{{ apache_user }}"
    mode: 0755
    state: directory
 - name: Create an upload directory that Apache can write in or Elgg
-  file: path={{ elgg_upload_path }} state=directory owner={{ apache_user }}
+  file:
    path: "{{ elgg_upload_path }}"
    state: directory
    owner: "{{ apache_user }}"
 - name: Change ownership
-  file: path=/opt/elgg-{{ elgg_version }}
+  file:
-        owner={{ apache_user }}
+    path: "/opt/elgg-{{ elgg_version }}"
-        group={{ apache_user }}
+    owner: "{{ apache_user }}"
-        recurse=yes
+    group: "{{ apache_user }}"
-        state=directory
+    recurse: yes
    state: directory
 - name: Create a MySQL database for Elgg - can be run more than once
-  mysql_db: name={{ dbname }}
+  mysql_db:
    name: "{{ dbname }}"
  register: create_elgg_database
 - name: Create a user to access the Elgg database - can be run more than once
-  mysql_user: name={{ dbuser }} host={{ item }} password={{ dbpassword }} priv={{ dbname }}.*:ALL
+  mysql_user:
    name: "{{ dbuser }}"
    host: "{{ item }}"
    password: "{{ dbpassword }}"
    priv: "{{ dbname }}.*:ALL"
  with_items:
        - 127.0.0.1
        - ::1
        - localhost
 - name: Create file to load database
-  template: src=elggdb.sql.j2
+  template:
-            dest=/tmp/elggdb.sql
+    src: "elggdb.sql.j2"
    dest: "/tmp/elggdb.sql"
 # elggdb.sql obtained with mysqldump --skip-add-drop-table elggdb > elggdb.sql
 # tar up a mysqldump of freshly installed database and use it in the install to avoid the startup
 # form, which worries me a lot. (/var/lib/mysql/elggdb)
 - name: Load Elgg database dump
-  mysql_db: name={{ dbname }}
+  mysql_db:
-            state=import
+    name: "{{ dbname }}"
-            target=/tmp/elggdb.sql
+    state: import
    target: /tmp/elggdb.sql
  when: create_elgg_database.changed
 - name: Remove database dump after load
-  file: name=/tmp/elggdb.sql state=absent
+  file:
    name: /tmp/elggdb.sql
    state: absent
 - name: Install config file for Elgg in Apache
-  template: src=elgg.conf dest=/etc/{{ apache_config_dir }}/elgg.conf
+  template:
    src: elgg.conf
    dest: "/etc/{{ apache_config_dir }}/elgg.conf"
 - name: Enable Elgg for debuntu (will already be enabled above for redhat)
-  file: path=/etc/apache2/sites-enabled/elgg.conf
+  file:
-        src=/etc/apache2/sites-available/elgg.conf
+    src: /etc/apache2/sites-available/elgg.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/elgg.conf
    state: link
  when: elgg_enabled and is_debuntu
 - name: Disable Elgg - remove config file for Elgg in Apache (debuntu)
-  file: path=/etc/apache2/sites-enabled/elgg.conf
+  file:
-        state=absent
+    path: /etc/apache2/sites-enabled/elgg.conf
    state: absent
  when: not elgg_enabled and is_debuntu
 - name: Disable Elgg - remove config file for Elgg in Apache (redhat)
-  file: dest=/etc/{{ apache_config_dir }}/elgg.conf
+  file:
-        state=absent
+    dest: "/etc/{{ apache_config_dir }}/elgg.conf"
    state: absent
  when: not elgg_enabled and is_redhat
- name: Add 'elgg' to service list
+- name: Add 'elgg' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=elgg
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: elgg
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: elgg-social-netwoking
+      value: Elgg
    - option: description
      value: '"Elgg is an award-winning social networking engine, delivering the building blocks that enable businesses, schools, universities and associations to create their own fully-featured social networks and applications."'
    - option: path
@ -127,4 +156,6 @@
      value: "{{ elgg_enabled }}"
 - name: Restart Apache, so it picks up the new aliases
-  service: name={{ apache_service }} state=restarted
+  service:
    name: "{{ apache_service }}"
    state: restarted
--- a/roles/kalite/tasks/install.yml
+++ b/roles/kalite/tasks/install.yml
@ -1,13 +1,17 @@
 # This is for an OS other than Fedora 18
 - name: Install missing packages required for KA Lite startup
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - python-virtualenv
- name: Grab the requirements file
+- name: Download KA Lite's requirements file
-  get_url: url={{ kalite_requirements }} dest={{ pip_packages_dir }}/kalite.txt
+  get_url:
    url: "{{ kalite_requirements }}"
    dest: "{{ pip_packages_dir }}/kalite.txt"
    timeout: "{{ download_timeout }}"
  when: internet_available
 #- name: Install KA Lite non-static + reqs file with pip - (debuntu)
@ -18,12 +22,13 @@
 #       extra_args="--disable-pip-version-check"
 #  when: internet_available and is_debuntu
- name: Install KA Lite static with pip - (debuntu)
+- name: Install KA Lite static with pip (debuntu)
-  pip: name=ka-lite-static
+  pip:
-       version={{ kalite_version }}
+    name: ka-lite-static
-       virtualenv={{ kalite_venv }}
+    version: "{{ kalite_version }}"
-       virtualenv_site_packages=no
+    virtualenv: "{{ kalite_venv }}"
-       extra_args="--no-cache-dir"
+    virtualenv_site_packages: no
    extra_args: "--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
  when: internet_available and is_debuntu
@ -36,30 +41,32 @@
 #  when: internet_available and not is_debuntu
 - name: Install KA Lite static with pip - (OS's other than debuntu)
-  pip: name=ka-lite-static
+  pip:
-       version={{ kalite_version }}
+    name: ka-lite-static
-       virtualenv={{ kalite_venv }}
+    version: "{{ kalite_version }}"
-       virtualenv_site_packages=no
+    virtualenv: "{{ kalite_venv }}"
    virtualenv_site_packages: no
 #       extra_args="--no-cache-dir"
 #       extra_args="--disable-pip-version-check"
  when: internet_available and not is_debuntu
 - name: Default is to have cronserve started with KA Lite
  set_fact:
-     job_scheduler_stanza: ""
+    job_scheduler_stanza: ""
 - name: Add --skip-job-scheduler to start if cronserve not enabled
  set_fact:
-     job_scheduler_stanza: "--skip-job-scheduler "
+    job_scheduler_stanza: "--skip-job-scheduler "
  when: not kalite_cron_enabled
 - name: Create 'kalite-serve' service, kalite.sh and kalite.conf
-  template: backup=no
+  template:
-            src={{ item.src }}
+    backup: no
-            dest={{ item.dest }}
+    src: "{{ item.src }}"
-            owner=root
+    dest: "{{ item.dest }}"
-            group=root
+    owner: root
-            mode={{ item.mode }}
+    group: root
    mode: "{{ item.mode }}"
  with_items:
    - { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'}
    - { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'}
--- a/roles/kiwix/tasks/kiwix_install.yml
+++ b/roles/kiwix/tasks/kiwix_install.yml
@ -156,15 +156,15 @@
 # 5. FINALIZE
- name: Add 'kiwix-serve' to list of services at /etc/iiab/iiab.ini
+- name: Add 'kiwix' to list of services at /etc/iiab/iiab.ini
  ini_file:
    dest: "{{ service_filelist }}"
-    section: kiwix-serve
+    section: kiwix
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
  - option: name
-    value: kiwix-serve
+    value: Kiwix
  - option: description
    value: '"Part of https://github.com/kiwix/kiwix-tools/ - kiwix-serve is the most used web server for ZIM files."'
  - option: kiwix_url
--- a/roles/kiwix/tasks/main.yml
+++ b/roles/kiwix/tasks/main.yml
@ -27,6 +27,7 @@
  get_url:
    url: "{{ iiab_download_url }}/{{ kiwix_src_file }}"
    dest: "{{ downloads_dir }}/{{ kiwix_src_file }}"
    timeout: "{{ download_timeout }}"
  when: internet_available
 - name: Check for /opt/iiab/downloads/{{ kiwix_src_file }}
--- a/roles/monit/tasks/main.yml
+++ b/roles/monit/tasks/main.yml
@ -1,31 +1,35 @@
 - name: Install Monit package
-  package: name=monit
+  package:
-           state=present
+    name: monit
    state: present
  tags:
    - download
 - name: Install chkconfig package -- not in Debian 8
-  package: name=chkconfig
+  package:
-           state=present
+    name: chkconfig
    state: present
  when: is_debian and ansible_distribution_major_version == "8"
  tags:
    - download
 - name: Update main config file
-  template: backup=yes
+  template:
-            src=monitrc
+    backup: yes
-            dest=/etc/monitrc
+    src: monitrc
-            owner=root
+    dest: /etc/monitrc
-            group=root
+    owner: root
-            mode=0600
+    group: root
    mode: 0600
 - name: Update config files
-  template: src={{ item }}
+  template:
-            dest=/etc/monit.d/{{ item }}
+    src: "{{ item }}"
-            owner=root
+    dest: "/etc/monit.d/{{ item }}"
-            group=root
+    owner: root
-            force=yes
+    group: root
-            mode=0755
+    force: yes
    mode: 0755
  with_items: watchdog
  register: monit_config
  when: false
@ -41,14 +45,15 @@
 #- name: Restart monit service
 #  command: service monit restart
- name: Add 'monit' to service list
+- name: Add 'monit' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=monit
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: monit
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: monit
+      value: Monit
    - option: description
      value: '"Monit is a background service monitor which can correct problems, send email, restart services."'
    - option: enabled
--- a/roles/moodle/tasks/main.yml
+++ b/roles/moodle/tasks/main.yml
@ -1,15 +1,17 @@
 ---
- name: Install Moodle required packages
+- name: Install Moodle required packages (OS's other than debunt)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - python-psycopg2
    - php-pgsql
  when: not is_debuntu
- name: Install Moodle required packages
+- name: Install Moodle required packages (debuntu)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - python-psycopg2
    - php{{ php_version }}-pgsql
@ -21,107 +23,125 @@
    - php{{ php_version }}-cli
  when: is_debuntu
- name: php-zip name for Debian 9 or Ubuntu
+- name: php-zip name (debian_9 or ubuntu)
-  package: name=php{{ php_version }}-zip
+  package:
    name: "php{{ php_version }}-zip"
  when: is_debian_9 or is_ubuntu
- name: php-zip name for Debian 8
+- name: php-zip name for (debian_8)
-  package: name=php-pclzip
+  package:
    name: php-pclzip
  when: is_debian_8
 - name: Determine if Moodle is already downloaded
-  stat: path={{ moodle_base }}/config-dist.php
+  stat:
    path: "{{ moodle_base }}/config-dist.php"
  register: moodle
 - name: Download the latest Moodle repo
-  git: repo={{ moodle_repo_url }}
+  git:
-       dest={{ moodle_base }}
+    repo: "{{ moodle_repo_url }}"
-       depth=1
+    dest: "{{ moodle_base }}"
-       force=yes
+    depth: 1
-       version="MOODLE_{{ moodle_version }}_STABLE"
+    force: yes
    version: "MOODLE_{{ moodle_version }}_STABLE"
 #  ignore_errors: yes
-  when: internet_available  and moodle.stat.exists is defined and not moodle.stat.exists
+  when: internet_available and moodle.stat.exists is defined and not moodle.stat.exists
 - name: Prepare the downloaded directory so Apache can install config file
-  file: path={{ moodle_base }}
+  file:
-        owner={{ apache_user }}
+    path: "{{ moodle_base }}"
-        recurse=yes
+    owner: "{{ apache_user }}"
-        state=directory
+    recurse: yes
    state: directory
 - name: Give Apache permission to write Moodle data directory
-  file: path={{ content_base }}/dbdata/moodle
+  file:
-        owner={{ apache_user }}
+    path: "{{ content_base }}/dbdata/moodle"
-        mode=0755
+    owner: "{{ apache_user }}"
-        state=directory
+    mode: 0755
    state: directory
 - name: Create a Moodle data dir with Apache permission to write
-  file: path={{ moodle_data }}
+  file:
-        owner={{ apache_user }}
+    path: "{{ moodle_data }}"
-        group={{ apache_user }}
+    owner: "{{ apache_user }}"
-        mode=0770
+    group: "{{ apache_user }}"
-        state=directory
+    mode: 0770
    state: directory
 - name: Remove stock Moodle conf
-  file: path='/etc/{{ apache_config_dir }}/moodle.conf'
+  file:
-        state=absent
+    path: "/etc/{{ apache_config_dir }}/moodle.conf"
    state: absent
 - name: Put Moodle config file in place
-  template: src=022-moodle.j2
+  template:
-            dest=/etc/{{ apache_config_dir }}/022-moodle.conf
+    src: 022-moodle.j2
-            owner=root
+    dest: "/etc/{{ apache_config_dir }}/022-moodle.conf"
-            group=root
+    owner: root
-            mode=0644
+    group: root
    mode: 0644
  when: moodle_enabled
- name: Enable Moodle
+- name: Enable Moodle (debuntu)
-  file: path=/etc/apache2/sites-enabled/022-moodle.conf
+  file:
-        src=/etc/apache2/sites-available/022-moodle.conf
+    src: /etc/apache2/sites-available/022-moodle.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/022-moodle.conf
    state: link
  when: moodle_enabled and is_debuntu
- name: Disable Moodle
+- name: Disable Moodle (debuntu)
-  file: path=/etc/apache2/sites-enabled/022-moodle.conf
+  file:
-        state=absent
+    path: /etc/apache2/sites-enabled/022-moodle.conf
    state: absent
  when: not moodle_enabled and is_debuntu
 - name: Start postgresql-iiab
-  service: name=postgresql-iiab
+  service:
-           state=restarted
+    name: postgresql-iiab
    state: restarted
 - name: Create db user
-  postgresql_user: name=Admin
+  postgresql_user:
-                   password=changeme
+    name: Admin
-                   role_attr_flags=NOSUPERUSER,NOCREATEROLE,NOCREATEDB
+    password: changeme
-                   state=present
+    role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
    state: present
  become: yes
  become_user: postgres
 - name: Create database
-  postgresql_db: name=moodle
+  postgresql_db:
-                 encoding=utf8
+    name: moodle
-                 owner=Admin
+    encoding: utf8
-                 template=template1
+    owner: Admin
-                 state=present
+    template: template1
    state: present
  become: yes
  become_user: postgres
 - name: Put a startup install script in place
-  template: dest={{ moodle_base }}
+  template:
-            src=moodle_installer
+    dest: "{{ moodle_base }}"
-            mode=0755
+    src: moodle_installer
    mode: 0755
 - name: Restart postgresql-iiab
-  service: name=postgresql-iiab
+  service:
-           state=restarted
+    name: postgresql-iiab
-           enabled=yes
+    state: restarted
    enabled: yes
  when: moodle_enabled
 - name: Restart Apache
-  service: name={{ apache_service }}
+  service:
-           state=restarted
+    name: "{{ apache_service }}"
    state: restarted
 - name: See if the config.php file exists
-  stat: path='{{ moodle_base }}/config.php'
+  stat:
    path: "{{ moodle_base }}/config.php"
  register: config
 - name: Execute Moodle startup script
@ -130,20 +150,22 @@
 - name: Give Apache permission to read config file
 #  command: chown -R {{ apache_user }} {{ moodle_base }}
-  file: path={{ moodle_base }}/config.php
+  file:
-        mode=0644
+    path: "{{ moodle_base }}/config.php"
    mode: 0644
- name: Add Moodle to service list
+- name: Add 'moodle' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=moodle
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: moodle
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
      value: Moodle
    - option: description
      value: '"Access the Moodle learning management system."'
-    - option: 'directory path'
+    - option: "moodle_base"
-      value: '{{ moodle_base }}'
+      value: "{{ moodle_base }}"
    - option: moodle_enabled
      value: "{{ moodle_enabled }}"
--- a/roles/munin/tasks/main.yml
+++ b/roles/munin/tasks/main.yml
@ -1,6 +1,7 @@
- name: Install Munin package
+- name: Install Munin package (debuntu)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - munin
    - munin-node
@ -11,9 +12,10 @@
    - download
  when: is_debuntu
- name: Install Munin package
+- name: Install Munin package (OS's other than debuntu)
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - munin
    - munin-node
@ -22,49 +24,56 @@
  when: not is_debuntu
 - name: Copy Munin config file
-  template: src={{ item.src }}
+  template:
-            dest={{ item.dest }}
+    src: "{{ item.src }}"
-            owner=root
+    dest: "{{ item.dest }}"
-            group=root
+    owner: root
-            mode=0644
+    group: root
    mode: 0644
  with_items:
    - { src: 'munin.conf.j2', dest: '/etc/munin/munin.conf' }
    - { src: 'munin24.conf.j2', dest: '/etc/{{ apache_config_dir }}/munin24.conf' }
 - name: Create admin user
-  htpasswd: path=/etc/munin/munin-htpasswd
+  htpasswd:
-            name=Admin
+    path: /etc/munin/munin-htpasswd
-            password=changeme
+    name: Admin
-            create=yes
+    password: changeme
-            state=present
+    create: yes
    state: present
 - name: Enable munin-node service
-  service: name=munin-node
+  service:
-           enabled=yes
+    name: munin-node
-           state=started
+    enabled: yes
    state: started
  when: munin_enabled
- name: Enable Apache lookup
+- name: Enable Apache lookup (debuntu)
-  file: src=/etc/apache2/sites-available/munin24.conf
+  file:
-        dest=/etc/apache2/sites-enabled/munin24.conf
+    src: /etc/apache2/sites-available/munin24.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/munin24.conf
    state: link
  when: munin_enabled and is_debuntu
- name: Disable Apache lookup
+- name: Disable Apache lookup (debuntu)
-  file: src=/etc/apache2/sites-available/munin24.conf
+  file:
-        dest=/etc/apache2/sites-enabled/munin24.conf
+    src: /etc/apache2/sites-available/munin24.conf
-        state=absent
+    dest: /etc/apache2/sites-enabled/munin24.conf
    state: absent
  when: not munin_enabled and is_debuntu
 - name: Disable munin-node service when it becomes disabled
-  service: name=munin-node
+  service:
-           enabled=no
+    name: munin-node
-           state=stopped
+    enabled: no
    state: stopped
  when: not munin_enabled
 - name: If MySQL is enabled, let Munin monitor it
-  copy: dest=/etc/munin/plugins/
+  copy:
-        src={{ item }}
+    src: "{{ item }}"
    dest: /etc/munin/plugins/
  with_items:
    - /usr/share/munin/plugins/mysql_
    - /usr/share/munin/plugins/mysql_bytes
@ -75,14 +84,15 @@
    - /usr/share/munin/plugins/mysql_threads
  when: mysql_enabled
- name: Add munin to service list
+- name: Add 'munin' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=munin
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: munin
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: munin
+      value: Munin
    - option: description
      value: '"Munin is a networked resource monitoring tool that can help analyze resource trends and \"what just happened to kill our performance?\" problems."'
    - option: installed
--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
@ -1,6 +1,7 @@
    - name: Install MySQL (debuntu)
-      package: name={{ item }}
+      package:
-               state=present
+        name: "{{ item }}"
        state: present
      with_items:
        - mariadb-server
        - mariadb-client
@ -18,17 +19,22 @@
      tags:
        - download
-    - name: php-xml for 'ubuntu' and 'debian-9'
+    - name: php-xml (ubuntu or debian_9)
-      package: name=php{{ php_version }}-xml state=present
+      package:
        name: "php{{ php_version }}-xml"
        state: present
      when: is_ubuntu or is_debian_9
-    - name: php-xml for 'debian-8'
+    - name: php-xml (debian_8)
-      package: name=php-xml-parser state=present
+      package:
        name: "php-xml-parser"
        state: present
      when: is_debian_8
    - name: Install MySQL (OS's other than debuntu)
-      package: name={{ item }}
+      package:
-               state=present
+        name: "{{ item }}"
        state: present
      with_items:
        - MySQL-python
        - mysql
@ -57,29 +63,43 @@
 # Name of mysql service varies by OS so softcoded in 1-prep
    - name: Start the MySQL service
-      service: name={{ mysql_service }}
+      service:
-               state=started
+        name: "{{ mysql_service }}"
        state: started
    - name: Enable the MySQL service
-      service: name={{ mysql_service }}
+      service:
-               enabled=yes
+        name: "{{ mysql_service }}"
        enabled: yes
      when: mysql_enabled
 # 'localhost' needs to be the last item for idempotency, see
 # http://ansible.cc/docs/modules.html#mysql-user
 # unfortunately it still doesn't work
    - name: Update MySQL root password for localhost root accounts
-      mysql_user: name=root host={{ item }}  password={{ mysql_root_password }} priv=*.*:ALL,GRANT
+      mysql_user:
        name: root
        host: "{{ item }}"
        password: "{{ mysql_root_password }}"
        priv: "*.*:ALL,GRANT"
      with_items:
        - localhost
      when: mysql_enabled
    - name: Copy .my.cnf file with root password credentials
-      template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
+      template:
        src: my.cnf.j2
        dest: /root/.my.cnf
        owner: root
        mode: 0600
      when: mysql_enabled
    - name: Update MySQL root password for all remaining root accounts
-      mysql_user: name=root host={{ item }}  password={{ mysql_root_password }} priv=*.*:ALL,GRANT
+      mysql_user:
        name: root
        host: "{{ item }}"
        password: "{{ mysql_root_password }}"
        priv: "*.*:ALL,GRANT"
      with_items:
 #        - "{{ iiab_hostname }}.{{ iiab_domain }}"
        - 127.0.0.1
@ -87,33 +107,42 @@
      when: mysql_enabled
    - name: Delete anonymous MySQL server user for {{ ansible_hostname }}
-      mysql_user: user="" host="{{ ansible_hostname }}" state="absent"
+      mysql_user:
        user: ""
        host: "{{ ansible_hostname }}"
        state: absent
      when: mysql_enabled
    - name: Delete anonymous MySQL server user for localhost
-      mysql_user: user="" state="absent"
+      mysql_user:
        user: ""
        state: absent
      when: mysql_enabled
    - name: Remove the MySQL test database
-      mysql_db: db=test state=absent
+      mysql_db:
        db: test
        state: absent
      when: mysql_enabled
 # we had to start mysql in order to configure it, now turn if off if not enabled
    - name: Provisionally Disable the MySQL service
-      service: name={{ mysql_service }}
+      service:
-               enabled=no
+        name: "{{ mysql_service }}"
-               state=stopped
+        enabled: no
        state: stopped
      when: not mysql_enabled
-    - name: Add 'mysql' to service list
+    - name: Add 'mysql' to list of services at /etc/iiab/iiab.ini
-      ini_file: dest='{{ service_filelist }}'
+      ini_file:
-                    section=mysql
+        dest: "{{ service_filelist }}"
-                    option='{{ item.option }}'
+        section: mysql
-                    value='{{ item.value }}'
+        option: "{{ item.option }}"
        value: "{{ item.value }}"
      with_items:
-            - option: name
+        - option: name
-              value: mysql-database
+          value: MySQL
-            - option: description
+        - option: description
-              value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."'
+          value: '"MySQL is a widely used free and open source (GPLv2) database, offered by most web hosting services, on a diversity of platforms."'
-            - option: enabled
+        - option: enabled
-              value: "{{ mysql_enabled }}"
+          value: "{{ mysql_enabled }}"
--- a/roles/network/tasks/dansguardian.yml
+++ b/roles/network/tasks/dansguardian.yml
@ -1,47 +1,53 @@
 - name: Install DansGuardian packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - dansguardian
  tags:
    - download
- name: Copy DansGuardian config file
+- name: Copy DansGuardian config file (Fedora)
-  template: src=roles/network/templates/squid/dansguardian.conf.j2
+  template:
-            dest=/etc/dansguardian/dansguardian.conf
+    src: roles/network/templates/squid/dansguardian.conf.j2
-            owner=dansguardian
+    dest: /etc/dansguardian/dansguardian.conf
-            group=dansguardian
+    owner: dansguardian
-            mode=0640
+    group: dansguardian
    mode: 0640
  when: ansible_distribution == "Fedora"
- name: Copy DansGuardian config file
+- name: Copy DansGuardian config file (debuntu)
-  template: src=roles/network/templates/squid/dansguardian.conf.debian.j2
+  template:
-            dest=/etc/dansguardian/dansguardian.conf
+    src: roles/network/templates/squid/dansguardian.conf.debian.j2
-            owner=dansguardian
+    dest: /etc/dansguardian/dansguardian.conf
-            group=dansguardian
+    owner: dansguardian
-            mode=0640
+    group: dansguardian
    mode: 0640
  when: is_debuntu
- name: Copy DansGuardian config file for CentOS
+- name: Copy DansGuardian config file (CentOS)
-  template: src=roles/network/templates/squid/dansguardian.conf.centos.j2
+  template:
-            dest=/etc/dansguardian/dansguardian.conf
+    src: roles/network/templates/squid/dansguardian.conf.centos.j2
-            owner=dansguardian
+    dest: /etc/dansguardian/dansguardian.conf
-            group=vscan
+    owner: dansguardian
-            mode=0640
+    group: vscan
    mode: 0640
  when: ansible_distribution == "CentOS"
- name: Create 'dansguardian' log directory
+- name: Create 'dansguardian' log directory (OS's other than CentOS)
-  file: path=/var/log/dansguardian
+  file:
-        owner=dansguardian
+    path: /var/log/dansguardian
-        group=dansguardian
+    owner: dansguardian
-        mode=0750
+    group: dansguardian
-        state=directory
+    mode: 0750
    state: directory
  when: ansible_distribution != "CentOS"
- name: Create DansGuardian log directory for CentOS
+- name: Create DansGuardian log directory (CentOS)
-  file: path=/var/log/dansguardian
+  file:
-        owner=dansguardian
+    path: /var/log/dansguardian
-        group=vscan
+    owner: dansguardian
-        mode=0750
+    group: vscan
-        state=directory
+    mode: 0750
    state: directory
  when: ansible_distribution == "CentOS"
--- a/roles/network/tasks/squid.yml
+++ b/roles/network/tasks/squid.yml
@ -1,6 +1,7 @@
 - name: Install Squid packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - "{{ proxy }}"
    - cadaver
@ -12,21 +13,24 @@
  when: is_ubuntu
 - name: Stop Squid
-  service: name={{ proxy }}
+  service:
-           state=stopped
+    name: "{{ proxy }}"
    state: stopped
  when: not installing
 - name: Create the Squid user
-  user: name={{ proxy_user }}
+  user:
-        createhome=False
+    name: "{{ proxy_user }}"
-        shell=/bin/false
+    createhome: False
    shell: /bin/false
 - name: Copy init script and config file
-  template: src={{ item.src }}
+  template:
-            dest={{ item.dest }}
+    src: "{{ item.src }}"
-            owner={{ item.owner }}
+    dest: "{{ item.dest }}"
-            group={{ item.group }}
+    owner: "{{ item.owner }}"
-            mode={{ item.mode }}
+    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  with_items:
    - src: 'roles/network/templates/squid/squid.sysconfig'
      dest: '/etc/sysconfig/squid'
@ -60,43 +64,48 @@
      mode: '0755'
 - name: Create Squid cache directory
-  file: path=/library/cache
+  file:
-        owner={{ proxy_user }}
+    path: /library/cache
-        group={{ proxy_user }}
+    owner: "{{ proxy_user }}"
-        mode=0750
+    group: "{{ proxy_user }}"
-        state=directory
+    mode: 0750
    state: directory
 - name: Create Squid log directory
-  file: path=/var/log/{{ proxy }}
+  file:
-        owner={{ proxy_user }}
+    path: "/var/log/{{ proxy }}"
-        group={{ proxy_user }}
+    owner: "{{ proxy_user }}"
-        mode=0750
+    group: "{{ proxy_user }}"
-        state=directory
+    mode: 0750
    state: directory
 - include_tasks: roles/network/tasks/dansguardian.yml
  when: dansguardian_install
- name: Add Squid to service list
+# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8
-  ini_file: dest='{{ service_filelist }}'
+- name: Add '{{ proxy }}' to list of services at /etc/iiab/iiab.ini
-            section={{ proxy }}
+  ini_file:
-            option='{{ item.option }}'
+    dest: "{{ service_filelist }}"
-            value='{{ item.value }}'
+    section: "{{ proxy }}"
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: squid
+      value: Squid
    - option: description
      value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'
    - option: enabled
      value: "{{ squid_enabled }}"
- name: Add 'dansguardian' to service list
+- name: Add 'dansguardian' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=dansguardian
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: dansguardian
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: dansguardian
+      value: DansGuardian
    - option: description
      value: '"DansGuardian searches web content for objectionable references and denies access when found."'
    - option: enabled
--- a/roles/nextcloud/tasks/F18.yml
+++ b/roles/nextcloud/tasks/F18.yml
@ -1,11 +1,17 @@
 - name: Remove /etc/nextcloud to avoid confusion as we use the config in {{ nextcloud_prefix }}/nextcloud/config/
-  file: path=/etc/nextcloud
+  file:
-        state=absent
+    path: /etc/nextcloud
    state: absent
 # but we use the tar file to get the latest version; really only benefits the xo4 on fedora 18
- name: Get the nextcloud software
+- name: Download latest Nextcloud software to /opt/iiab/download/{{ nextcloud_src_file }}
-  get_url: url="{{ nextcloud_dl_url }}"/{{ nextcloud_src_file }}  dest={{ downloads_dir }}/{{ nextcloud_src_file }}
+  get_url:
    url: "{{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }}"
    dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}"
    timeout: "{{ download_timeout }}"
  when: internet_available
 - name: Copy it to permanent location /opt
-  unarchive: src={{ downloads_dir }}/{{ nextcloud_src_file }}  dest=/opt/
+  unarchive:
    src: "{{ downloads_dir }}/{{ nextcloud_src_file }}"
    dest: /opt/
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -18,6 +18,7 @@
    url: "{{ nextcloud_dl_url }}/{{ nextcloud_orig_src_file }}"
    dest: "{{ downloads_dir }}/{{ nextcloud_src_file }}"
    force: yes
    timeout: "{{ download_timeout }}"
  when: internet_available and nextcloud_force_install
  async: 900
  poll: 15
@ -162,13 +163,13 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
-  - option: name
+    - option: name
-    value: Nextcloud
+      value: Nextcloud
-  - option: description
+    - option: description
-    value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."'
+      value: '"NextCloud is a local server-based facility for sharing files, photos, contacts, calendars, etc."'
-  - option: path
+    - option: path
-    value: "{{ nextcloud_prefix }}/nextcloud"
+      value: "{{ nextcloud_prefix }}/nextcloud"
-  - option: source
+    - option: source
-    value: "{{ nextcloud_src_file }}"
+      value: "{{ nextcloud_src_file }}"
-  - option: enabled
+    - option: enabled
-    value: "{{ nextcloud_enabled }}"
+      value: "{{ nextcloud_enabled }}"
--- a/roles/nodogsplash/tasks/rpi.yml
+++ b/roles/nodogsplash/tasks/rpi.yml
@ -3,13 +3,14 @@
    name: libmicrohttpd12
    state: present
- name: Get the nodogsplash software
+- name: Download nodogsplash software
  get_url:
     url: "{{ iiab_download_url }}/{{ nodogsplash_arm_deb }}"
     dest: "{{ downloads_dir }}/{{ nodogsplash_arm_deb }}"
     timeout: "{{ download_timeout }}"
  when: internet_available
-  async: 300
+  #async: 300
-  poll: 5
+  #poll: 5
 - name: Install nodogsplash
  apt:
@ -58,11 +59,11 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
-  - option: name
+    - option: name
-    value: nodogsplash
+      value: nodogsplash
-  - option: description
+    - option: description
-    value: '"Nodogsplash is a lightweight Captive Portal."'
+      value: '"Nodogsplash is a lightweight Captive Portal."'
-  - option: source
+    - option: source
-    value: "{{ nodogsplash_arm_deb }}"
+      value: "{{ nodogsplash_arm_deb }}"
-  - option: enabled
+    - option: enabled
-    value: "{{ nodogsplash_enabled }}"
+      value: "{{ nodogsplash_enabled }}"
--- a/roles/phpmyadmin/tasks/main.yml
+++ b/roles/phpmyadmin/tasks/main.yml
@ -1,7 +1,8 @@
- name: Download the phpMyAdmin software
+- name: Download phpMyAdmin software
  get_url:
    url: "{{ iiab_download_url }}/{{ phpmyadmin_name_zip }}"
    dest: "{{ downloads_dir }}"
    timeout: "{{ download_timeout }}"
  #register: phpmyadmin_dl_output
  when: internet_available
@ -71,11 +72,11 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
-  - option: name
+    - option: name
-    value: phpMyAdmin
+      value: phpMyAdmin
-  - option: description
+    - option: description
-    value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."'
+      value: '"phpMyAdmin is an interface with a MySQL database written in PHP, and available to administer the database engine locally or across the network."'
-  - option: path
+    - option: path
-    value: /opt/phpmyadmin
+      value: /opt/phpmyadmin
-  - option: enabled
+    - option: enabled
-    value: "{{ phpmyadmin_enabled }}"
+      value: "{{ phpmyadmin_enabled }}"
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
@ -1,94 +1,107 @@
 - name: Install PostgreSQL packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - postgresql
  tags:
    - download
- name: Install PostgreSQL for Debian
+- name: Install postgresql-client (debuntu)
-  package: name=postgresql-client
+  package:
    name: postgresql-client
  when: is_debuntu
  tags:
    - download
- name: Install PostgreSQL for Fedora
+- name: Install postgresql-server (OS's other than debuntu)
-  package: name=postgresql-server
+  package:
    name: postgresql-server
  when: not is_debuntu
  tags:
    - download
 - name: Create postgresql-iiab systemd service
-  template: src=postgresql-iiab.service
+  template:
-            dest=/etc/systemd/system/postgresql-iiab.service
+    src: postgresql-iiab.service
-            owner=root
+    dest: /etc/systemd/system/postgresql-iiab.service
-            group=root
+    owner: root
-            mode=0644
+    group: root
    mode: 0644
 - name: Create postgres data directory
-  file: path=/library/pgsql-iiab
+  file:
-        owner=postgres
+    path: /library/pgsql-iiab
-        group=postgres
+    owner: postgres
-        mode=0700
+    group: postgres
-        state=directory
+    mode: 0700
    state: directory
- name: Make sure that the en_US locale is enabled
+- name: Make sure that the en_US locale is enabled (debuntu)
-  lineinfile: dest=/etc/locale.gen
+  lineinfile:
-              line="{{ postgresql_locale }} UTF-8"
+    dest: /etc/locale.gen
    line: "{{ postgresql_locale }} UTF-8"
  when: is_debuntu
- name: Generate the selected locales
+- name: Generate the selected locales (debuntu)
  command: /usr/sbin/locale-gen
  when: is_debuntu
- name: Initialize the postgres db
+- name: Initialize the postgres db (debuntu)
-  command:  su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }}  -D /library/pgsql-iiab"
+  command: su - postgres -c "/usr/lib/postgresql/{{ postgresql_version }}/bin/initdb -E 'UTF-8' --locale={{ postgresql_locale }} -D /library/pgsql-iiab"
-            creates=/library/pgsql-iiab/pg_hba.conf
+  args:
    creates: /library/pgsql-iiab/pg_hba.conf
  when: is_debuntu
- name: Initialize the postgres db
+- name: Initialize the postgres db (OS's other than debuntu)
-  command:  su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }}  -D /library/pgsql-iiab"
+  command: su - postgres -c "/usr/bin/initdb -E 'UTF-8' --lc-collate={{ postgresql_locale }} --lc-ctype={{ postgresql_locale }} -D /library/pgsql-iiab"
-            creates=/library/pgsql-iiab/pg_hba.conf
+  args:
    creates: /library/pgsql-iiab/pg_hba.conf
  when: not is_debuntu
 - name: Configure PostgreSQL
-  template: backup=yes
+  template:
-            src=postgresql.conf.j2
+    backup: yes
-            dest=/library/pgsql-iiab/postgresql.conf
+    src: postgresql.conf.j2
-            owner=postgres
+    dest: /library/pgsql-iiab/postgresql.conf
-            group=postgres
+    owner: postgres
-            mode=0640
+    group: postgres
    mode: 0640
- name: Stop postgresql service
+- name: Stop postgresql service (debuntu)
  command: "/etc/init.d/postgresql stop"
  ignore_errors: True
  when: postgresql_install and is_debuntu
 - name: Stop and disable stock postgresql service
-  service: name=postgresql
+  service:
-           state=stopped
+    name: postgresql
-           enabled=no
+    state: stopped
    enabled: no
 - name: Start and enable postgresql-iiab service
-  service: name=postgresql-iiab
+  service:
-           state=started
+    name: postgresql-iiab
-           enabled=yes
+    state: started
    enabled: yes
  when: postgresql_enabled
 - name: Stop and disable postgresql-iiab service if not postgresql_enabled
-  service: name=postgresql-iiab
+  service:
-           state=stopped
+    name: postgresql-iiab
-           enabled=no
+    state: stopped
    enabled: no
  when: not postgresql_enabled
- name: Add postgresql to service list
+- name: Add 'postgresql' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=postgresql
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: postgresql
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: postgresql
+      value: PostgreSQL
    - option: description
      value: '"PostgreSQL is a powerful, open source object-relational database system."'
    - option: installed
--- a/roles/samba/tasks/main.yml
+++ b/roles/samba/tasks/main.yml
@ -2,16 +2,25 @@
 # Create a smbuser
 #
- name: create smb user
+- name: Create smb user
-  user: name="{{ smbuser }}" shell=/sbin/nologin password="{{ smbpassword }}"
+  user:
    name: "{{ smbuser }}"
    shell: /sbin/nologin
    password: "{{ smbpassword }}"
- name: create the public folder
+- name: Create the public folder
-  file: dest="{{ shared_dir }}" owner="{{ smbuser }}" group="{{ smbuser }}" mode=0777 state=directory
+  file:
    dest: "{{ shared_dir }}"
    owner: "{{ smbuser }}"
    group: "{{ smbuser }}"
    mode: 0777
    state: directory
 # Install and configure samba server (requires ports 137, 138, 139, 445 open).
- name: Ensure Samba-related packages are installed.
+- name: Ensure Samba-related packages are installed
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
  - samba
  - samba-client
@ -21,41 +30,56 @@
    - samba
    - download
- name: put our smb.conf in place
+- name: Put our smb.conf in place
-  template: src=smb.conf.j2 dest=/etc/samba/smb.conf
+  template:
    src: smb.conf.j2
    dest: /etc/samba/smb.conf
 - name: Ensure Samba is running and set to start on boot.
-  service: name={{ smb_service }} state=started enabled=yes
+  service:
    name: "{{ smb_service }}"
    state: started
    enabled: yes
  tags:
    - samba
  when : samba_enabled
- name: netbios name server is running and set to start on boot.
+- name: NetBIOS name server is running and set to start on boot
-  service: name={{ nmb_service }} state=started enabled=yes
+  service:
    name: "{{ nmb_service }}"
    state: started
    enabled: yes
  tags:
    - samba
  when : samba_enabled
 - name: Disable Samba if that is wanted
-  service: name={{ smb_service }} state=stopped enabled=no
+  service:
    name: "{{ smb_service }}"
    state: stopped
    enabled: no
  tags:
    - samba
  when : not samba_enabled
 - name: Disable Samba name server if that is wanted
-  service: name={{ nmb_service }} state=stopped enabled=no
+  service:
    name: "{{ nmb_service }}"
    state: stopped
    enabled: no
  tags:
    - samba
  when : not samba_enabled
- name: Add samba to service list
+- name: Add 'samba' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=samba
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: samba
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: samba
+      value: Samba
    - option: description
      value: '"Samba is a Microsoft-compatible network file system that re-implements SMB/CIFS (Common Internet File System)."'
    - option: enabled
--- a/roles/sugarizer/tasks/main.yml
+++ b/roles/sugarizer/tasks/main.yml
@ -2,6 +2,8 @@
  get_url:
    url: "{{ iiab_download_url }}/{{ sugarizer_version }}.tar.gz"
    dest: "{{ downloads_dir }}/{{ sugarizer_version }}.tar.gz"
    timeout: "{{ download_timeout }}"
  when: internet_available
 - name: Untar to /library/www/html/{{ sugarizer_version }}
  unarchive:
@ -40,12 +42,13 @@
 # attempting to reinstall npm is broken on Raspbian 9
 - name: Check for Sugarizer already installed
-  stat: path={{ sugarizer_location }}/sugarizer/server/node_modules
+  stat:
    path: "{{ sugarizer_location }}/sugarizer/server/node_modules"
  register: npm
 - name: Set a flag to abort second attempt to install
  set_fact:
-     npm_exists: True
+    npm_exists: True
  when: npm.stat.exists is defined and npm.stat.exists
 - name: Create systemd files and copy our ini file
@ -56,8 +59,8 @@
    group: root
    mode: 0644
  with_items:
-     - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'}
+    - { src: 'sugarizer.service.j2' , dest: '/etc/systemd/system/sugarizer.service'}
-     - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' }
+    - { src: 'sugarizer.ini' , dest: '{{ sugarizer_location }}/sugarizer/server' }
 #     - { src: 'sugarizer.conf' , dest: '/etc/apache2/sites-available' }
 #- name: Create the symlink enabling the rewrite
@ -68,14 +71,14 @@
 - name: Create the express framework for Node.js (OS's other than Fedora 18)
  shell: npm install
  args:
-     chdir: "{{ sugarizer_location }}/sugarizer/server"
+    chdir: "{{ sugarizer_location }}/sugarizer/server"
-     creates: "{{ sugarizer_location }}/sugarizer/server/node_modules"
+    creates: "{{ sugarizer_location }}/sugarizer/server/node_modules"
  when: not is_F18 and not npm_exists
 - name: Create the express framework for Node.js (Fedora 18)
  shell: npm install
  args:
-     chdir: "{{ sugarizer_location }}/sugarizer/server"
+    chdir: "{{ sugarizer_location }}/sugarizer/server"
  when: is_F18 and not npm_exists
 - name: Enable services (all OS's)
@ -84,7 +87,7 @@
    enabled: yes
    state: restarted
  with_items:
-      - { name: sugarizer }
+    - { name: sugarizer }
  when: sugarizer_enabled
 - name: Disable services (all OS's)
@ -103,9 +106,9 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
-  - option: name
+    - option: name
-    value: Sugarizer
+      value: Sugarizer
-  - option: description
+    - option: description
-    value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."'
+      value: '"The Sugar Learning Platform began with the famous One Laptop Per Child project, written in Python. Sugarizer is the new HTML/JavaScript implementation of Sugar, usable in most all browsers."'
-  - option: enabled
+    - option: enabled
-    value: "{{ sugarizer_enabled }}"
+      value: "{{ sugarizer_enabled }}"
--- a/roles/teamviewer/tasks/install.yml
+++ b/roles/teamviewer/tasks/install.yml
@ -1,47 +1,51 @@
-# we need to install X11 and the xfce display manager
+# we need to install X11 and the Xfce display manager
- name: Install xfce group of packages
+- name: Install Xfce group of packages
  shell: "yum groupinstall -y xfce"
-  when: xo_model == "none" and internet_available  and ansible_distribution_version <= "20"
+  when: xo_model == "none" and internet_available and ansible_distribution_version <= "20"
  tags:
    - download
 - name: Install X11 group of packages
  shell: "yum groupinstall -y 'X Window system'"
-  when: xo_model == "none" and internet_available  and ansible_distribution_version <= "20"
+  when: xo_model == "none" and internet_available and ansible_distribution_version <= "20"
  tags:
    - download
- name: Install xfce group of packages
+- name: Install Xfce group of packages
  shell: yum groupinstall -y "Xfce Desktop" --exclude fedora-release\*
-  when: xo_model == "none" and internet_available  and ansible_distribution_version >= "21"
+  when: xo_model == "none" and internet_available and ansible_distribution_version >= "21"
  tags:
    - download
 - name: Install X Windows on CentOS
  shell: yum groupinstall -y "Server with GUI"
-  when: internet_available  and ansible_distribution == "CentOS"
+  when: internet_available and ansible_distribution == "CentOS"
  tags:
    - download
- name: Get the teamviewer software
+- name: Download TeamViewer software
-  get_url: url="{{ teamviewer_url }}/{{ teamviewer_rpm_file }}"  dest="{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}"
+  get_url:
    url: "{{ teamviewer_url }}/{{ teamviewer_rpm_file }}"
    dest: "{{ yum_packages_dir }}/{{ teamviewer_rpm_file }}"
    timeout: "{{ download_timeout }}"
  when: internet_available
  tags:
    - download
 # F22 has issues with yum localinstall exclude for now
- name: Do the install of teamviewer, pulling in any required dependencies
+- name: Do the install of TeamViewer, pulling in any required dependencies
  shell: "yum localinstall -y {{ yum_packages_dir }}/{{ teamviewer_rpm_file }}"
  when: teamviewer_install and internet_available
           and xo_model == "none" and ansible_distribution_version <= "21"
- name: making local copy available
+- name: Making local copy available
  shell: createrepo {{ yum_packages_dir }}
  when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22"
- name: using local copy
+- name: Using local copy
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
-   - teamviewer*
+    - teamviewer*
  when: teamviewer_install and xo_model == "none" and ansible_distribution_version >= "22"
--- a/roles/vnstat/tasks/main.yml
+++ b/roles/vnstat/tasks/main.yml
@ -1,18 +1,20 @@
 ---
 - name: Install required packages
-  package: name={{ item }}
+  package:
-           state=present
+    name: "{{ item }}"
    state: present
  with_items:
    - vnstat
  tags:
    - download
 - name: Put the config file in place
-  template: src=vnstat.conf.j2
+  template:
-            dest=/etc/vnstat.conf
+    src: vnstat.conf.j2
-            mode=0744
+    dest: /etc/vnstat.conf
-            owner=root
+    mode: 0744
-            group=root
+    owner: root
    group: root
 - name: Create database for WAN to collect vnStat data
  shell: /usr/bin/vnstat -i {{ iiab_wan_iface }}
@ -22,16 +24,20 @@
  when: iiab_lan_iface is defined
 - name: Start vnStat daemon via systemd
-  service: name=vnstat enabled=yes state=started
+  service:
    name: vnstat
    enabled: yes
    state: started
- name: Add vnStat to service list
+- name: Add 'vnstat' to list of services at /etc/iiab/iiab.ini
-  ini_file: dest='{{ service_filelist }}'
+  ini_file:
-            section=vnstat
+    dest: "{{ service_filelist }}"
-            option='{{ item.option }}'
+    section: vnstat
-            value='{{ item.value }}'
+    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
-      value: vnstat
+      value: vnStat
    - option: description
      value: '"vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s)."'
    - option: installed
--- a/roles/wordpress/tasks/install.yml
+++ b/roles/wordpress/tasks/install.yml
@ -15,6 +15,7 @@
  get_url:
    url: "{{ wordpress_download_base_url }}/{{ wordpress_src }}"
    dest: "{{ downloads_dir }}"
    timeout: "{{ download_timeout }}"
 #   force: yes
 #   backup: yes
  register: wp_download_output
@ -61,66 +62,78 @@
  command: "/usr/bin/find {{ wp_abs_path }} -type d -exec chmod 775 {} +"
 - name: Copy wp salt values
-  copy: src=wp-keys.php.BAK
+  copy:
-        dest={{ wp_abs_path }}/wp-keys.php.BAK
+    src: wp-keys.php.BAK
-        owner=root
+    dest: "{{ wp_abs_path }}/wp-keys.php.BAK"
-        group={{ apache_user }}
+    owner: root
-        mode=0640
+    group: "{{ apache_user }}"
    mode: 0640
 # Fetch random salts for WordPress config into wp-keys.php file by generating script and running
 - name: Create wp salt script
-  template: src=get-iiab-wp-salts.j2
+  template:
-            dest=/tmp/get-iiab-wp-salts
+    src: get-iiab-wp-salts.j2
-            owner=root
+    dest: /tmp/get-iiab-wp-salts
-            group=root
+    owner: root
-            mode=0700
+    group: root
    mode: 0700
 - name: Run wp salt script to create /library/wordpress/wp-keys.php
  command: /tmp/get-iiab-wp-salts
 - name: Cleanup - remove wp salt script
-  file: path=/tmp/get-iiab-wp-salts
+  file:
-        state=absent
+    path: /tmp/get-iiab-wp-salts
    state: absent
 - name: MySQL database needs to be running if we are trying to create a new db
-  service: state=started
+  service:
-           name='{{ mysql_service }}'
+    state: started
    name: "{{ mysql_service }}"
 - name: Create MySQL wordpress database
-  mysql_db: name={{ wp_db_name }}
+  mysql_db:
-            state=present
+    name: "{{ wp_db_name }}"
    state: present
 - name: Create MySQL wordpress database user
-  mysql_user: name={{ wp_db_user }}
+  mysql_user:
-              password={{ wp_db_user_password }}
+    name: "{{ wp_db_user }}"
-              priv={{ wp_db_name }}.*:ALL,GRANT
+    password: "{{ wp_db_user_password }}"
-              state=present
+    priv: "{{ wp_db_name }}.*:ALL,GRANT"
    state: present
 - name: Copy WordPress config file
-  template: src=wp-config.php.j2
+  template:
-            dest={{ wp_abs_path }}/wp-config.php
+    src: wp-config.php.j2
-            owner=root
+    dest: "{{ wp_abs_path }}/wp-config.php"
-            group={{ apache_user }}
+    owner: root
-            mode=0660
+    group: "{{ apache_user }}"
    mode: 0660
 - name: Copy WordPress httpd conf file
-  template: src=wordpress.conf.j2
+  template:
-            dest=/etc/{{ apache_config_dir }}/wordpress.conf
+    src: wordpress.conf.j2
    dest: "/etc/{{ apache_config_dir }}/wordpress.conf"
 - name: Enable httpd conf file if we are disabled (debuntu)
-  file: path=/etc/apache2/sites-enabled/wordpress.conf
+  file:
-        src=/etc/apache2/sites-available/wordpress.conf
+    src: /etc/apache2/sites-available/wordpress.conf
-        state=link
+    dest: /etc/apache2/sites-enabled/wordpress.conf
    state: link
  when: wordpress_enabled and is_debuntu
 - name: Remove httpd conf file if we are disabled (OS's other than debuntu)
-  file: path=/etc/apache2/sites-enabled/wordpress.conf
+  file:
-        state=absent
+    path: /etc/apache2/sites-enabled/wordpress.conf
    state: absent
  when: not wordpress_enabled and is_debuntu
 - name: Restart Apache, so it picks up the new aliases
-  service: name={{ apache_service }} state=restarted
+  service:
    name: "{{ apache_service }}"
    state: restarted
 - name: Add 'wordpress' to list of services at /etc/iiab/iiab.ini
  ini_file:
@ -129,21 +142,21 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
-  - option: name
+    - option: name
-    value: WordPress
+      value: WordPress
-  - option: description
+    - option: description
-    value: '"WordPress is a blog and web site management application."'
+      value: '"WordPress is a blog and web site management application."'
-  - option: wordpress_src
+    - option: wordpress_src
-    value: "{{ wordpress_src }}"
+      value: "{{ wordpress_src }}"
-  - option: wp_abs_path
+    - option: wp_abs_path
-    value: "{{ wp_abs_path }}"
+      value: "{{ wp_abs_path }}"
-  - option: wp_db_name
+    - option: wp_db_name
-    value: "{{ wp_db_name }}"
+      value: "{{ wp_db_name }}"
-  - option: wp_db_user
+    - option: wp_db_user
-    value: "{{ wp_db_user }}"
+      value: "{{ wp_db_user }}"
-  - option: wp_url
+    - option: wp_url
-    value: "{{ wp_url }}"
+      value: "{{ wp_url }}"
-  - option: wp_full_url
+    - option: wp_full_url
-    value: "{{ wp_full_url }}"
+      value: "{{ wp_full_url }}"
-  - option: wordpress_enabled
+    - option: wordpress_enabled
-    value: "{{ wordpress_enabled }}"
+      value: "{{ wordpress_enabled }}"
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@ -17,6 +17,8 @@ pip_packages_dir: "{{ iiab_base }}/pip-packages"
 yum_packages_dir: "{{ iiab_base }}/yum-packages"
 downloads_dir: "{{ iiab_base }}/downloads"
 iiab_download_url: http://download.iiab.io/packages
 # Ansible's default timeout for "get_url:" downloads (10 seconds) often fails
 download_timeout: 100
 # Configuration File(s)
 iiab_config_file: /etc/iiab/iiab.ini
--- a/vars/medium.localvars
+++ b/vars/medium.localvars
@ -6,6 +6,9 @@
 # Original Idea: branch github.com/xsce/xsce-local for your deployment
 # Ansible's default timeout for "get_url:" downloads (10 seconds) often fails
 download_timeout: 100
 # Users and Passwords
 # Uncomment the following if you don't want iiab_admin_user (by default