external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

Merge pull request #395 from iiab/master

Browse source 
sync from iiab:master
This commit is contained in:
A Holt 2020-05-07 12:24:39 -04:00 committed by GitHub
commit ed30ffdbd1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
74 changed files with 596 additions and 677 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
iiab-network
View file

@ -11,16 +11,34 @@ if [ ! -f iiab-network.yml ]; then
exit 1
fi
if [ ! -f /etc/iiab/config_vars.yml ]; then
echo "Creating stub /etc/iiab/config_vars.yml"
mkdir -p /etc/iiab
echo "{}" > /etc/iiab/config_vars.yml
fi
OS="unknown" # will be overridden below, if /etc/iiab/iiab.env is legit
if [ -f /etc/iiab/iiab.env ]; then
echo "Reading /etc/iiab/iiab.env"
STAGE=0
source /etc/iiab/iiab.env
if grep -q STAGE= /etc/iiab/iiab.env ; then
echo -e "\nExtracted STAGE=$STAGE (counter) from /etc/iiab/iiab.env"
if ! [ "$STAGE" -eq "$STAGE" ] 2> /dev/null; then
echo -e "\nEXITING: STAGE (counter) value == ""$STAGE"" is non-integer"
exit 1
elif [ "$STAGE" -lt 0 ] || [ "$STAGE" -gt 9 ]; then
echo -e "\nEXITING: STAGE (counter) value == ""$STAGE"" is out-of-range"
exit 1
elif [ "$STAGE" -lt 3 ]; then
echo -e "\nEXITING: STAGE (counter) value == ""$STAGE"
echo -e "\nIIAB Stage 3 not complete."
echo -e "\nPlease run: ./iiab-install"
exit 1
fi
else
echo -e "\nEXITING: STAGE (counter) not found"
echo -e "\nIIAB not installed."
echo -e "\nPlease run: ./iiab-install"
exit 1
fi
else
echo -e "\nEXITING: /etc/iiab/iiab.env not found"
exit 1
fi
echo "Ansible will now run iiab-network.yml -- log file is iiab-network.log"

2
roles/2-common/tasks/udev.yml
View file

@ -34,7 +34,7 @@
state: restarted
when: udev_unit.stat.exists is defined and udev_unit.stat.exists
- name: Enable the udev-reload service during boot.
- name: Enable the udev-reload service during boot
systemd:
name: udev-reload
enabled: yes

4
roles/2-common/templates/iiab-startup.sh
View file

@ -31,8 +31,8 @@ if [[ $(grep -i raspbian /etc/*release) &&
#)
#]];
then
ip link set dev wlan0 promisc on
echo "wlan0 promiscuous mode ON, internal AP OFF: github.com/iiab/iiab/issues/638"
# ip link set dev wlan0 promisc on
echo "wlan0 promiscuous mode ON, internal AP OFF: github.com/iiab/iiab/issues/638 DISABLED"
fi
exit 0

2
roles/calibre-web/defaults/main.yml
View file

@ -14,7 +14,7 @@
# All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
# If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
calibreweb_version: 0.6.6 # WAS: master, 0.6.4, 0.6.5
calibreweb_version: 0.6.7 # WAS: master, 0.6.4, 0.6.5, 0.6.7
calibreweb_venv_path: /usr/local/calibre-web-py3
calibreweb_exec_path: "{{ calibreweb_venv_path }}/cps.py"

49
roles/calibre/tasks/enable.yml
View file

@ -1,49 +0,0 @@
# 5. WRAP UP: ENABLE CALIBRE SERVICE, http://box/books ETC
# http://box:8080 & http://box:8080/mobile WORK BUT OTHER URL'S LIKE http://box/calibre ARE A MESS (BOOKS RARELY DISPLAY)
#
# 2018-08-27 POSSIBLE FIX...CONSIDER THIS ProxyPass / ProxyPassReverse TECHNIQUE:
# https://github.com/iiab/iiab/tree/master/roles/calibre-web/templates/calibre-web.conf.j2
# (anyway this works great for calibre-web, allowing http://box/books
# to work even better than http://box:8083 when box == 192.168.0.x !)
- name: Attempt to enable http://box/calibre via Apache (UNTESTED)
command: a2ensite calibre.conf
when: apache_installed and calibre_enabled
- name: Attempt to disable http://box/calibre via Apache (UNTESTED)
command: a2dissite calibre.conf
when: apache_installed and not calibre_enabled
- name: Enable & Start service 'calibre-serve' (/usr/bin/calibre-server by Kovid Goyal)
service:
name: calibre-serve
enabled: yes
state: started
when: calibre_enabled | bool
#async: 900
#poll: 5
- name: Reload Apache service ({{ apache_service }})
systemd:
name: "{{ apache_service }}"
state: reloaded
- name: Add 'calibre' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: calibre
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Calibre
- option: description
value: '"Calibre is an extremely popular personal library system for e-books."'
- option: url
value: "{{ calibre_src_url }}"
- option: database
value: "{{ calibre_dbpath }}"
- option: port
value: "{{ calibre_port }}"
- option: calibre_enabled
value: "{{ calibre_enabled }}"

56
roles/calibre/tasks/install.yml
View file

@ -1,25 +1,28 @@
# 1. INSTALL THE LATEST CALIBRE 3.X+ (calibre, calibredb, calibre-server etc) ON ALL OS'S
# 1. INSTALL CALIBRE 3.39.1+ or 4.12+ (calibre, calibredb, calibre-server etc) ON ALL OS'S
- name: Does /usr/bin/calibre exist?
stat:
path: "/usr/bin/calibre"
register: calib_executable
- name: "Install OS's latest packages: calibre, calibre-bin (IF not rpi AND /usr/bin/calibre MISSING)"
- name: "Install OS's latest packages: calibre, calibre-bin"
package:
name:
- calibre
- calibre-bin
state: latest
when: internet_available and not is_raspbian and (not calib_executable.stat.exists)
- name: Install Calibre .debs IF calibre_via_debs (AND /usr/bin/calibre WAS MISSING)
include_tasks: debs.yml
when: calibre_via_debs and (not calib_executable.stat.exists)
# 2020-04-29: AT YOUR OWN RISK, this *sometimes* works, e.g. to upgrade from
# Raspbian 10's Calibre 3.39.1 to "4.99.4+dfsg+really4.12.0-1" or higher, from:
# http://raspbian.raspberrypi.org/raspbian/pool/main/c/calibre/
# http://archive.raspbian.org/raspbian/pool/main/c/calibre/
#
#- name: Install Calibre via .debs (if Raspbian)
# command: scripts/calibre-install-latest-rpi.sh # WORKED for Calibre 3.33.1 on 2018-10-23. And Calibre 3.28 on 2018-07-26 (PR #971). Likewise for Calibre 3.26.x. FAILED with Calibre 3.24+ ("calibre : Depends: python-pyqt5 (>= 5.10.1+dfsg-2) but 5.10.1+dfsg-1+rpi1 is to be installed") since June 2018.
# when: is_raspbian | bool
- name: Install Calibre via calibre-installer.py IF calibre_via_python (AND /usr/bin/calibre WAS MISSING)
include_tasks: py-installer.yml
when: calibre_via_python and (not calib_executable.stat.exists)
# 2020-04-29: Can work *IF* you do 'apt install python2' and change top line
# of /opt/iiab/downloads/calibre-installer.py from '#!/usr/bin/env python2'
# to '#!/usr/bin/python2' e.g. to upgrade Calibre 4.12 on Ubuntu 20.04 LTS.
#
#- name: Install Calibre via py-installer.yml -> calibre-installer.py (if not Raspbian)
# include_tasks: py-installer.yml
# when: not is_raspbian # True Debian or any Ubuntu?
# SEE calibre_via_python's value vars/default_vars.yml, vars/ubuntu-18.yml &
# vars/raspbian-9.yml: try to AVOID Python installer on Raspbian since its
@ -34,19 +37,13 @@
# 2. SYSTEMD SERVICES
- name: Create calibre-serve.service and calibre.conf (IF /usr/bin/calibre WAS MISSING)
- name: Create /etc/systemd/system/calibre-serve.service and /etc/{{ apache_conf_dir }}/calibre.conf
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}"
backup: no
#register: calibre_config
with_items:
- { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service', mode: '0644'}
- { src: 'calibre.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'}
when: (not calib_executable.stat.exists)
- { src: 'calibre-serve.service.j2', dest: '/etc/systemd/system/calibre-serve.service' }
- { src: 'calibre.conf', dest: '/etc/{{ apache_conf_dir }}' } # apache2/sites-available (this doesn't work, see #529: let's try to create /etc/nginx/conf.d/calibre-nginx.conf in future!)
- name: Stop service 'calibre-serve' (/usr/bin/calibre-server by Kovid Goyal)
systemd:
@ -57,20 +54,15 @@
# 3. CREATE USER DATABASE
- name: Create /library/calibre (mandatory since Calibre 3.x)
- name: Create {{ calibre_dbpath }} (mandatory since Calibre 3.x)
file:
path: "{{ calibre_dbpath }}"
path: "{{ calibre_dbpath }}" # /library/calibre
state: directory
#mode: 0755
- name: Copy template userdb to /library/calibre/users.sqlite (IF /usr/bin/calibre WAS MISSING)
- name: Copy template userdb to {{ calibre_userdb }}
copy:
src: /opt/iiab/iiab/roles/calibre/templates/users.sqlite
dest: "{{ calibre_userdb }}"
owner: root
group: root
mode: 0644
when: (not calib_executable.stat.exists)
dest: "{{ calibre_userdb }}" # /library/calibre/users.sqlite
# 4. CREATE CONTENT DATABASE WITH A SAMPLE BOOK (REQUIRED AS OF CALIBRE 3.x)

86
roles/calibre/tasks/main.yml
View file

@ -1,5 +1,83 @@
- include_tasks: install.yml
when: calibre_install and not calibre_installed is defined
# "How do i fail a task in Ansible if the variable contains a boolean value?
# I want to perform input validation for Ansible playbooks"
# https://stackoverflow.com/questions/46664127/how-do-i-fail-a-task-in-ansible-if-the-variable-contains-a-boolean-value-i-want/46667499#46667499
- include_tasks: enable.yml
when: calibre_install or calibre_installed is defined
# We assume 0-init/tasks/validate_vars.yml has DEFINITELY been run, so no need
# to re-check whether vars are defined here. As Ansible vars cannot be unset:
# https://serverfault.com/questions/856729/how-to-destroy-delete-unset-a-variable-value-in-ansible
- name: Assert that "calibre_install is sameas true" (boolean not string etc)
assert:
that: calibre_install is sameas true
fail_msg: "PLEASE SET 'calibre_install: True' e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Assert that "calibre_enabled | type_debug == 'bool'" (boolean not string etc)
assert:
that: calibre_enabled | type_debug == 'bool'
fail_msg: "PLEASE GIVE VARIABLE 'calibre_enabled' A PROPER (UNQUOTED) ANSIBLE BOOLEAN VALUE e.g. IN: /etc/iiab/local_vars.yml"
quiet: yes
- name: Install Calibre if 'calibre_installed' not defined, e.g. in {{ iiab_state_file }} # /etc/iiab/iiab_state.yml
include_tasks: install.yml
when: calibre_installed is undefined
# http://box:8080 & http://box:8080/mobile WORK BUT OTHER URL'S LIKE http://box/calibre ARE A MESS (BOOKS RARELY DISPLAY)
#
# 2018-08-27 POSSIBLE FIX...CONSIDER THIS ProxyPass / ProxyPassReverse TECHNIQUE:
# https://github.com/iiab/iiab/tree/master/roles/calibre-web/templates/calibre-web.conf.j2
# (anyway this works great for calibre-web, allowing http://box/books
# to work even better than http://box:8083 when box == 192.168.0.x !)
#
#- name: Attempt to enable http://box/calibre via Apache (UNTESTED)
# command: a2ensite calibre.conf
# when: apache_installed and calibre_enabled
#
#- name: Attempt to disable http://box/calibre via Apache (UNTESTED)
# command: a2dissite calibre.conf
# when: apache_installed and not calibre_enabled
- name: Enable & (Re)Start 'calibre-serve' service, if calibre_enabled
systemd:
daemon_reload: yes
name: calibre-serve
enabled: yes
state: restarted
when: calibre_enabled | bool
- name: Disable & Stop 'calibre-serve' service, if not calibre_enabled
systemd:
name: calibre-serve
enabled: no
state: stopped
when: not calibre_enabled
#- name: Enable/Disable/Restart Apache if primary
# include_tasks: apache.yml
# when: not nginx_enabled
#
#- name: Enable/Disable/Restart NGINX if primary
# include_tasks: nginx.yml
# when: nginx_enabled | bool
- name: Add 'calibre' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}" # /etc/iiab/iiab.ini
section: calibre
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: Calibre
- option: description
value: '"Calibre is an extremely popular personal library system for e-books."'
- option: calibre_src_url
value: "{{ calibre_src_url }}"
- option: calibre_dbpath
value: "{{ calibre_dbpath }}"
- option: calibre_port
value: "{{ calibre_port }}"
- option: calibre_enabled
value: "{{ calibre_enabled }}"

59
roles/kalite/tasks/enable.yml.unused
View file

@ -1,59 +0,0 @@
# By the time we get here we should have ka-lite of some version
# And the systemd unit files should be defined
- name: Enable & (re)start 'kalite-serve' service
systemd:
daemon_reload: yes
name: kalite-serve
enabled: yes
state: restarted
when: kalite_enabled
- name: Disable & stop 'kalite-serve' service
systemd:
name: kalite-serve
enabled: no
state: stopped
when: not kalite_enabled
# 2019-10-20: Below is for Fedora 18 (XO laptops) only.
# Since F18 we don't have a separate unit file for kalite-cron.
#
# SEE --skip-job-scheduler @ https://ka-lite.readthedocs.io/en/latest/usermanual/cli.html
# ...as implemented in templates/kalite-serve.service.j2
# ...if not kalite_cron_enabled
# ...using {{ job_scheduler_stanza }} from kalite/tasks/install.yml
- name: Enable & (re)start 'kalite-cron' service (F18)
service:
name: kalite-cron
enabled: yes
state: restarted
when: kalite_cron_enabled and is_F18
- name: Disable & stop 'kalite-cron' service (F18)
service:
name: kalite-cron
enabled: no
state: stopped
when: not kalite_cron_enabled and is_F18
- name: Add 'kalite' variable values to {{ iiab_ini_file }}
ini_file:
path: "{{ iiab_ini_file }}"
section: kalite
option: "{{ item.option }}"
value: "{{ item.value | string }}"
with_items:
- option: name
value: "KA Lite"
- option: description
value: '"KA Lite downloads Khan Academy videos for offline use, with exercises and accounts if students want to track their own progress."'
- option: path
value: "{{ kalite_root }}"
- option: port
value: "{{ kalite_server_port }}"
- option: kalite_enabled
value: "{{ kalite_enabled }}"
- option: cron_enabled
value: "{{ kalite_cron_enabled }}"

76
roles/kalite/tasks/install-f18.yml.unused
View file

@ -1,76 +0,0 @@
# This is for Fedora 18, assumed to be an XO
- name: Install dependent packages (Fedora 18)
package:
name: "{{ item }}"
state: present
with_items:
- python-psutil
- expect
when: is_F18 | bool
- name: Install dependent pip packages (Fedora 18)
pip:
name: selenium
when: internet_available and is_F18
- name: Determine if KA Lite is already downloaded
stat:
path: "{{ downloads_dir }}/ka-lite"
register: kalite
- name: Download the latest KA Lite repo
git:
repo: "{{ kalite_repo_url }}"
dest: "{{ downloads_dir }}/ka-lite"
depth: 1
version: 0.13.x
ignore_errors: yes
when: internet_available and kalite.stat.exists is defined and not kalite.stat.exists
- name: Create iiab-kalite user and password (Fedora 18)
user:
name: "{{ kalite_user }}"
password: "{{ kalite_password_hash }}"
update_password: on_create
- name: Create kalite_root directory (Fedora 18)
file:
path: "{{ kalite_root }}"
owner: root
group: root
mode: 0755
state: directory
- name: Copy the KA Lite repo into place (Fedora 18)
command: "rsync -at {{ downloads_dir }}/ka-lite/ {{ kalite_root }}"
- name: Make kalite_user owner
file:
path: "{{ kalite_root }}"
owner: "{{ kalite_user }}"
group: "{{ kalite_user }}"
recurse: yes
state: directory
# local_settings is deprecated
- name: Copy local_settings file
template:
src: f18/local_settings.py.j2
dest: "{{ kalite_root }}/kalite/local_settings.py"
owner: "{{ kalite_user }}"
group: "{{ kalite_user }}"
mode: 0644
- name: Create kalite-serve & kalite-cron services, and iiab_cronservectl.sh
template:
backup: no
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}"
with_items:
- { src: 'f18/kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'}
- { src: 'f18/kalite-cron.service.j2', dest: '/etc/systemd/system/kalite-cron.service', mode: '0644'}
- { src: 'f18/iiab_cronservectl.sh.j2', dest: '{{ kalite_root }}/scripts/iiab_cronservectl.sh', mode: '0755'}

95
roles/kalite/tasks/install-old.yml.unused
View file

@ -1,95 +0,0 @@
# For OS's other than Fedora 18
- name: Download {{ kalite_requirements }} to {{ pip_packages_dir }}/kalite.txt
get_url:
url: "{{ kalite_requirements }}"
dest: "{{ pip_packages_dir }}/kalite.txt" # /opt/iiab/pip-packages/kalite.txt
timeout: "{{ download_timeout }}"
when: internet_available | bool
# 2020-01-19: https://github.com/piwheels/packages/issues/74 says the following is not longer needed...
#- name: Run 'mv /etc/pip.conf /etc/pip.conf.see-iiab-issue-2139' as "TEMPORARY" workaround (2020-01-17) for piwheels.org's setuptools Python 2/3 brokenness on RPi (https://github.com/iiab/iiab/issues/2139)
# command: mv /etc/pip.conf /etc/pip.conf.see-iiab-issue-2139
# ignore_errors: yes
# when: is_raspbian | bool
#- name: Install KA Lite non-static + reqs file with pip - (debuntu)
# pip: requirements={{ pip_packages_dir }}/kalite.txt
# virtualenv={{ kalite_venv }}
# virtualenv_site_packages=no
# extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check"
# when: internet_available and is_debuntu
- name: Install KA Lite static to {{ kalite_venv }}, using pip (debuntu)
pip:
name: ka-lite-static
version: "{{ kalite_version }}"
virtualenv: "{{ kalite_venv }}"
virtualenv_site_packages: no
virtualenv_command: /usr/bin/virtualenv
virtualenv_python: python2.7
extra_args: "--no-cache-dir"
# extra_args="--disable-pip-version-check"
when: internet_available and is_debuntu
#- name: Install KA Lite non-static + reqs file with pip (OS's other than debuntu)
# pip: requirements={{ pip_packages_dir }}/kalite.txt
# virtualenv={{ kalite_venv }}
# virtualenv_site_packages=no
# extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check"
# when: internet_available and not is_debuntu
- name: Install KA Lite static to {{ kalite_venv }}, using pip (OS's other than debuntu)
pip:
name: ka-lite-static
version: "{{ kalite_version }}"
virtualenv: "{{ kalite_venv }}"
virtualenv_site_packages: no
virtualenv_command: /usr/bin/virtualenv
virtualenv_python: python2.7
# extra_args="--no-cache-dir"
# extra_args="--disable-pip-version-check"
when: internet_available and not is_debuntu
# This effectively does nothing at all on Ubuntu & Raspbian, where libgeos-*
# pkgs are not installed FWIW. But it's included to safeguard us across all
# OS's, in case others OS's like Ubermix later appear. See #1382 for details.
# Removing pkgs libgeos-3.6.2 & libgeos-c1v5 fixed the situation on Ubermix!
- name: Remove libgeos-* pkgs, avoiding KA Lite Django failure on Ubermix
shell: apt -y remove "libgeos-*"
# 2019-10-20: For Fedora 18 legacy (XO laptops) specially
- name: Default is to have cronserve started with KA Lite
set_fact:
job_scheduler_stanza: ""
- name: Add --skip-job-scheduler to start if cronserve not enabled
set_fact:
job_scheduler_stanza: "--skip-job-scheduler "
when: not kalite_cron_enabled
- name: "Install from template: venv wrapper /usr/bin/kalite, systemd unit file kalite-serve.service, Apache's kalite.conf"
template:
backup: no
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: "{{ item.mode }}"
with_items:
- { src: 'kalite.sh.j2', dest: '/usr/bin/kalite', mode: '0755'}
- { src: 'kalite-serve.service.j2', dest: '/etc/systemd/system/kalite-serve.service', mode: '0644'}
- { src: 'kalite.conf', dest: '/etc/{{ apache_conf_dir }}', mode: '0644'}
- name: Fix KA Lite bug in regex parsing ifconfig output, for @m-anish's network names that contain dashes
replace:
path: /usr/local/kalite/venv/local/lib/python2.7/site-packages/kalite/packages/dist/ifcfg/parser.py
regexp: 'a-zA-Z0-9'
replace: 'a-zA-Z0-9\-'
# RECORD KA Lite AS INSTALLED
# TO DO: move the last 2 stanzas from setup.yml so they live right here,
# as any action named "install.yml" should do exactly what it says (install!)

2
roles/kalite/tasks/main.yml
View file

@ -30,7 +30,7 @@
name: kalite-serve
enabled: yes
state: restarted
when: kalite_enabled
when: kalite_enabled | bool
- name: Disable & Stop 'kalite-serve' service, if not kalite_enabled
systemd:

14
roles/kalite/tasks/setup-f18.yml.unused
View file

@ -1,14 +0,0 @@
# This is for Fedora 18, assumed to be an XO
- name: Run the setup using 'kalite manage' (Fedora 18)
command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite manage setup --username={{ kalite_user }} --password={{ kalite_password }} --noinput'"
async: 900
poll: 10
- name: Finish setup by running 'kalite start' (Fedora 18)
command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite start'"
async: 900
poll: 10
- name: Stop kalite server started in previous step because we use systemd
command: "/usr/bin/su {{ kalite_user }} -c '{{ kalite_root }}/bin/kalite stop'"

32
roles/kalite/tasks/setup.yml.unused
View file

@ -1,32 +0,0 @@
# For OS's other than Fedora 18
- name: Create {{ kalite_root }} directory
file:
path: "{{ kalite_root }}/httpsrv/static" # /library/ka-lite
# owner: root
# group: root
# mode: 0755
state: directory
- name: Run the setup using 'kalite manage'
command: "{{ kalite_program }} manage setup --username={{ kalite_admin_user }} --password={{ kalite_admin_password }} --noinput" # Runs /usr/local/kalite/venv/bin/kalite
environment:
KALITE_HOME: "{{ kalite_root }}" # /library/ka-lite
async: 1800
poll: 10
# RECORD KA Lite AS INSTALLED
# TO DO: move these last 2 stanzas to install.yml,
# as any action named "install.yml" should do exactly what it says (install!)
- name: "Set 'kalite_installed: True'"
set_fact:
kalite_installed: True
- name: "Add 'kalite_installed: True' to {{ iiab_state_file }}"
lineinfile:
path: "{{ iiab_state_file }}" # /etc/iiab/iiab_state.yml
regexp: '^kalite_installed'
line: 'kalite_installed: True'

18
roles/network/defaults/main.yml
View file

@ -25,19 +25,12 @@
#
# hostapd_install: True # 2020-01-21: do not rely on this var for now (might be implemented in future)
# hostapd_enabled: True
# Above is forcibly set to False (in roles/network/tasks/main.yml) if IIAB is
# being WiFi-installed (run "iiab-hotspot-on" AFTER ./iiab-install completes
# and content is downloaded, to enable the internal WiFi Access Point / AP!)
#
# reboot_to_AP: False
# For those installing IIAB over WiFi: "reboot_to_AP: True" overrides the above
# detection of WiFi-as-gateway, forcing "hostapd_enabled: True" regardless.
#
# Above 2 vars set in /opt/iiab/iiab/vars/default_vars.yml
#
# Above set in /opt/iiab/iiab/vars/default_vars.yml
hostapd_wait: 5
host_wireless_n: False
driver_name: nl80211
ap0_mac_addr: b8:27:99:12:34:56
# DNS / name resolution
# dhcpd_install: False
@ -61,13 +54,14 @@ strict_networking: False
iiab_demo_mode: False
gui_static_wan: False
wan_cidr:
virtual_network_devices: "-e ap0 -e lo -e br0 -e tun -e br- -e docker -e bridge0 -e veth"
# Set defaults for discovery process as strings
wifi1: "not found-1"
wifi2: "not found-2"
ap_device: "none"
exclude_device: "none"
device_gw: "none"
device_gw2: ""
prior_gw_device: ""
iiab_wan_iface: "none"
iiab_lan_iface: "none"

54
roles/network/tasks/NM-debian.yml
View file

@ -3,27 +3,39 @@
include_tasks: down-debian.yml
# provide keyfile layout like the XO's used way back.
- name: Create uuid for NM's keyfile store
shell: uuidgen
register: uuid_response
#- name: Create uuid for NM's keyfile store
# shell: uuidgen
# register: uuid_response
- name: Put the uuid in place
set_fact:
gen_uuid: "{{ uuid_response.stdout_lines[0] }}"
#- name: Put the uuid in place
# set_fact:
# gen_uuid: "{{ uuid_response.stdout_lines[0] }}"
# NM might have a watcher on this path and we don't have to restart NM
- name: Copy the bridge script for NetworkManager
template:
dest: /etc/NetworkManager/system-connections/
src: network/bridge-br0
mode: 0600
when: iiab_network_mode != "Appliance"
- name: Remove br0 in Appliance Mode for NetworkManager
# systemd-networkd handles br0 except for Raspbian
- name: Remove stale br0 for NetworkManager
file:
dest: /etc/NetworkManager/system-connections/bridge-br0
state: absent
when: iiab_network_mode == "Appliance"
- name: Copy ap0-manage.conf for NetworkManager
template:
dest: /etc/NetworkManager/conf.d/ap0-manage.conf
src: network/ap0-manage.conf
mode: 0644
when: wifi_up_down
- name: Copy manage.conf for NetworkManager when wifi_up_down False
template:
dest: /etc/NetworkManager/conf.d/wifi-manage.conf
src: network/manage.conf.j2
mode: 0644
when: discovered_wireless_iface != "none" and not wifi_up_down
- name: Remove manage.conf for NetworkManager when wifi_up_down True
file:
dest: /etc/NetworkManager/conf.d/wifi-manage.conf
state: absent
when: wifi_up_down
- name: Removing static for NetworkManager
file:
@ -58,16 +70,6 @@
mode: 0600
when: wan_ip != "dhcp"
- name: Stop wpa_supplicant service
service:
name: wpa_supplicant
state: stopped
when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance"
- name: Mask wpa_supplicant
shell: systemctl mask wpa_supplicant
when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance"
- name: Reload systemd
systemd:
daemon_reload: yes

49
roles/network/tasks/computed_network.yml
View file

@ -6,20 +6,6 @@
user_wan_iface: "{{ discovered_wan_iface }}"
when: not (discovered_wan_iface == "none") and not (xo_model == "none") and has_ifcfg_gw == "none"
#- name: Checking for NetworkManager-config-server
# shell: rpm -qa | grep NetworkManager-config-server | wc -l
# register: strict_networking_check
#- name: Found Checking for NetworkManager-config-server
# set_fact:
# strict_networking: True
# when: strict_networking_check == "1"
#- name: Use restricted network features
# set_fact:
# iiab_demo_mode: True
# when: teamviewer_install and not strict_networking
- name: XO laptop wants USB WiFi interface as AP mode
set_fact:
iiab_wireless_lan_iface: "{{ discovered_lan_iface }}"
@ -62,7 +48,7 @@
user_wan_iface: "none"
when: not iiab_wan_enabled
# gui wants LanController # keeps ifcfg-WAN but onboot=no
# gui wants LanController
# the change over might be a little bumpy ATM.
- name: Setting GUI wants 'LanController'
set_fact:
@ -71,10 +57,9 @@
iiab_gateway_enabled: "False"
when: gui_desired_network_role is defined and gui_desired_network_role == "LanController"
# device_gw is used with the LAN detection and LAN's ifcfg file deletion.
# single interface vars/ users would need to set iiab_wan_enabled False as above, to disable the WAN
# and set user_lan_iface = <device> to suppress the auto detection for the same effect.
# discovered_wan_iface is used with the LAN detection, single interface vars/ users would
# need to set iiab_wan_enabled False as above, to disable the WAN and set
# user_lan_iface: <device> to suppress the auto detection for the same effect.
- name: Setting user_lan_iface for 'LanController' for single interface
set_fact:
user_lan_iface: "{{ discovered_wan_iface }}"
@ -143,24 +128,6 @@
iiab_lan_iface: "{{ user_lan_iface }}"
when: not (user_lan_iface == "auto")
# so this works
- name: Interface count
shell: ls /sys/class/net | grep -v -e lo -e bridge0 -e veth -e "br-*" -e docker| wc | awk '{print $1}'
register: adapter_count
# well if there ever was a point to tell the user things are FUBAR this is it.
- name: We're hosed no work interfaces
set_fact:
iiab_network_mode: "No_network_found"
when: adapter_count.stdout|int == 0
# well if there ever was a point to tell the user things are FUBAR this is it.
- name: I'm not guessing declare gateway please
set_fact:
iiab_network_mode: "Undetectable_use_local_vars"
iiab_wan_iface: "none"
when: adapter_count.stdout|int >= 5 and device_gw == "none" and gui_wan_iface == "unset" and gui_static_wan is defined
- name: Record IIAB_WAN_DEVICE to {{ iiab_env_file }}
lineinfile:
path: "{{ iiab_env_file }}"
@ -197,11 +164,3 @@
value: "{{ iiab_lan_iface }}"
- option: iiab_network_mode
value: "{{ iiab_network_mode }}"
- option: hostapd_enabled
value: "{{ hostapd_enabled }}"
- option: host_ssid
value: "{{ host_ssid }}"
- option: host_wifi_mode
value: "{{ host_wifi_mode }}"
- option: host_channel
value: "{{ host_channel }}"

9
roles/network/tasks/computed_services.yml
View file

@ -3,6 +3,7 @@
dansguardian_enabled: False
squid_enabled: False
wondershaper_enabled: False
hostapd_enabled: False
iiab_network_mode: "Appliance"
when: iiab_lan_iface == "none" or user_lan_iface == "none"
@ -74,3 +75,11 @@
value: "{{ dnsmasq_enabled }}"
- option: no_net_restart
value: "{{ no_net_restart }}"
- option: hostapd_enabled
value: "{{ hostapd_enabled }}"
- option: host_ssid
value: "{{ host_ssid }}"
- option: host_wifi_mode
value: "{{ host_wifi_mode }}"
- option: host_channel
value: "{{ host_channel }}"

75
roles/network/tasks/detected_network.yml
View file

@ -1,23 +1,36 @@
- name: iiab_wan_device
shell: grep IIAB_WAN_DEVICE {{ iiab_env_file }} | awk -F "=" '{print $2}'
when: iiab_stage|int > 4
register: prior_gw
# so this works
- name: Interface count
shell: ls /sys/class/net | grep -v {{ virtual_network_devices }} | wc | awk '{print $1}'
register: adapter_count
# well if there ever was a point to tell the user things are FUBAR this is it.
- name: We're hosed no work interfaces
fail: # FORCE IT RED THIS ONCE!
msg: "No_network_found"
when: adapter_count.stdout|int == 0
- name: Checking for old device gateway interface for device test
shell: grep IIAB_WAN_DEVICE {{ iiab_env_file }} | awk -F "=" '{print $2}'
when: iiab_stage|int == 9
register: prior_gw
- name: Setting device_gw, prior_gw_device
set_fact:
device_gw: "{{ prior_gw.stdout }}"
device_gw2: "{{ prior_gw.stdout }}"
when: iiab_stage|int > 4 and prior_gw is defined and prior_gw.stdout != ""
prior_gw_device: "{{ prior_gw.stdout }}"
when: prior_gw.stdout is defined and prior_gw.stdout != ""
- name: Setting WAN if detected
- name: Setting WAN, device_gw if detected
set_fact:
iiab_wan_iface: "{{ discovered_wan_iface }}"
device_gw: "{{ discovered_wan_iface }}"
when: ansible_default_ipv4.gateway is defined
- name: Red Hat network detection (redhat)
include_tasks: detected_redhat.yml
when: is_redhat | bool
- name: Figure out netplan file name
shell: ls /etc/netplan
register: netplan
ignore_errors: True # pre 17.10 doesn't use netplan
when: is_ubuntu
- name: Setting dhcpcd_test results
set_fact:
@ -75,16 +88,15 @@
set_fact:
wifi2: "{{ item|trim }}"
discovered_wireless_iface: "{{ item|trim }}"
when: wireless_list2.stdout is defined and not wireless_list2.stdout == "ap0"
when: wireless_list2.stdout is defined and item|trim != "ap0"
with_items:
- "{{ wireless_list2.stdout_lines }}"
#item|trim != discovered_wan_iface
- name: Count WiFi ifaces
shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l"
shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | grep -v -e ap0 | wc -l"
register: count_wifi_interfaces
# facts are apparently all stored as text, so do text comparisons from here on
- name: Remember number of WiFi devices
set_fact:
num_wifi_interfaces: "{{ count_wifi_interfaces.stdout|int }}"
@ -94,16 +106,16 @@
- name: XO laptop override 2 WiFi on LAN
set_fact:
ap_device: "eth0"
exclude_device: "eth0"
when: iiab_wan_iface != "eth0" and discovered_wireless_iface != "none" and xo_model == "XO-1.5"
- name: Exclude reserved WiFi adapter if defined - takes adapter name
- name: Exclude reserved Network Adapter if defined - takes adapter name
set_fact:
ap_device: "{{ reserved_wifi }}"
when: reserved_wifi is defined and discovered_wireless_iface != iiab_wan_iface and num_wifi_interfaces >= "2"
exclude_device: "{{ reserved_device }}"
when: reserved_device is defined
- name: Count LAN ifaces
shell: ls /sys/class/net | grep -v -e ap0 -e wwlan -e ppp -e lo -e br0 -e tun -e br- -e docker -e bridge0 -e veth -e {{ device_gw }} -e {{ ap_device }} | wc -l
shell: ls /sys/class/net | grep -v {{ virtual_network_devices }} -e wwlan -e ppp -e {{ device_gw }} -e {{ exclude_device }} | wc -l
register: num_lan_interfaces_result
- name: Calculate number of LAN interfaces including WiFi
@ -112,7 +124,7 @@
# LAN - pick non WAN's
- name: Create list of LAN (non WAN) ifaces
shell: ls /sys/class/net | grep -v -e ap0 -e wwlan -e ppp -e lo -e br0 -e tun -e br- -e docker -e bridge0 -e veth -e {{ device_gw }} -e {{ ap_device }}
shell: ls /sys/class/net | grep -v {{ virtual_network_devices }} -e wwlan -e ppp -e {{ device_gw }} -e {{ exclude_device }}
when: num_lan_interfaces != "0"
register: lan_list_result
@ -133,20 +145,22 @@
with_items:
- "{{ lan_list_result.stdout_lines }}"
- name: Set iiab_wireless_lan_iface if present
- name: Set iiab_wireless_lan_iface to {{ discovered_wireless_iface }} if not none
set_fact:
iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}"
when: discovered_wireless_iface is defined and discovered_wireless_iface != "none" and discovered_wireless_iface != iiab_wan_iface
when: discovered_wireless_iface != "none" and not wifi_up_down
- name: Set iiab_wireless_lan_iface to ap0 if WiFi device is present
set_fact:
iiab_wireless_lan_iface: ap0
when: discovered_wireless_iface != "none" and wifi_up_down
- name: Set iiab_wired_lan_iface if present
set_fact:
iiab_wired_lan_iface: "{{ discovered_wired_iface }}"
when: discovered_wired_iface is defined and discovered_wired_iface != "none" and discovered_wired_iface != iiab_wan_iface and not is_raspbian
#unused
#- name: Get a list of ifcfg files to delete
# moved to detected_redhat
# use value only if present
- name: 2 or more devices on the LAN - use bridging
set_fact:
@ -197,8 +211,8 @@
with_items:
- option: has_ifcfg_gw
value: "{{ has_ifcfg_gw }}"
- option: prior_gateway_(device_gw2)
value: "{{ device_gw2 }}"
- option: prior_gateway_device
value: "{{ prior_gw_device }}"
- option: dhcpcd_result
value: "{{ dhcpcd_result }}"
- option: network_manager_active
@ -227,3 +241,10 @@
value: "{{ iiab_lan_iface }}"
- option: iiab_wan_iface
value: "{{ iiab_wan_iface }}"
# well if there ever was a point to tell the user things are FUBAR this is it.
# limit 2 network adapters wifi wired
- name: I'm not guessing declare gateway please
fail: # FORCE IT RED THIS ONCE!
msg: "Undetectable gateway or prior gateway for use with static network addressing from admin-console use local_vars to declare user_wan_iface"
when: adapter_count.stdout|int >=3 and gui_wan_iface == "unset" and gui_static_wan

24
roles/network/tasks/enable_services.yml
View file

@ -79,23 +79,23 @@
#- debug:
# var: nd_enabled
- name: Check if /etc/networkd-dispatcher/routable.d exists
stat:
path: /etc/networkd-dispatcher/routable.d
register: nd_dir
#- name: Check if /etc/networkd-dispatcher/routable.d exists
# stat:
# path: /etc/networkd-dispatcher/routable.d
# register: nd_dir
#- debug:
# var: nd_dir
#- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and networkd-dispatcher is enabled, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04)
- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04)
template:
src: roles/network/templates/network/dnsmasq.sh.j2
dest: /etc/networkd-dispatcher/routable.d/dnsmasq.sh
mode: 0755
owner: root
group: root
when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
#- name: To restart dnsmasq whenever br0 comes up, install /etc/networkd-dispatcher/routable.d/dnsmasq.sh from template (if isn't Appliance, and directory /etc/networkd-dispatcher/routable.d exists, i.e. OS's like Ubuntu 18.04)
# template:
# src: roles/network/templates/network/dnsmasq.sh.j2
# dest: /etc/networkd-dispatcher/routable.d/dnsmasq.sh
# mode: 0755
# owner: root
# group: root
# when: dnsmasq_install and dnsmasq_enabled and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
#when: dnsmasq_install and dnsmasq_enabled and nd_enabled is defined and nd_enabled.stdout == "enabled" and nd_dir.stat.exists and nd_dir.stat.isdir and (iiab_network_mode != "Appliance")
#when: dnsmasq_install and dnsmasq_enabled and systemd_out.status.UnitFileState == "enabled" and networkd_dir.stat.exists and networkd_dir.stat.isdir and (iiab_network_mode != "Appliance")

0
roles/network/tasks/NM.yml → roles/network/tasks/fedora/NM.yml
View file

17
roles/network/tasks/fedora/create_ifcfg.yml.deprecated Normal file
View file

@ -0,0 +1,17 @@
- name: Stop 'Wired WAN connection'
shell: nmcli dev disconnect {{ discovered_wan_iface }}
ignore_errors: True
changed_when: False
when: discovered_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none"
# set user_wan_iface: <device> for static
# use wan_* for static info
- name: Supply ifcfg-WAN file
template: src=network/ifcfg-WAN.j2
dest=/etc/sysconfig/network-scripts/ifcfg-WAN
when: iiab_wan_iface != "none" and not has_WAN and has_ifcfg_gw == "none"
- name: Now setting ifcfg-WAN True after creating file
set_fact:
has_WAN: True
when: iiab_wan_iface != "none" and has_ifcfg_gw == "none"

0
roles/network/tasks/detected_redhat.yml → roles/network/tasks/fedora/detected_redhat.yml
View file

0
roles/network/tasks/edit_ifcfg.yml → roles/network/tasks/fedora/edit_ifcfg.yml
View file

0
roles/network/tasks/enable_wan.yml → roles/network/tasks/fedora/enable_wan.yml
View file

28
roles/network/tasks/fedora/hosts.yml.deprecated Normal file
View file

@ -0,0 +1,28 @@
# this (hosts.yml) WAS invoked by roles/network/tasks/main.yml up until 2019-12-10
#TODO: Use vars instead of hardcoded values
- name: Remove FQDN with 172.18.96.1 in /etc/hosts without LAN (if iiab_lan_iface == "none" and not installing)
lineinfile:
path: /etc/hosts
regexp: '^172\.18\.96\.1'
state: absent
when: iiab_lan_iface == "none" and not installing
- name: Configure FQDN with 172.18.96.1 in /etc/hosts with LAN (if iiab_lan_iface != "none" and not installing)
lineinfile:
path: /etc/hosts
regexp: '^172\.18\.96\.1'
line: '172.18.96.1 {{ iiab_hostname }}.{{ iiab_domain }} {{ iiab_hostname }} box box.lan'
state: present
when: not (iiab_lan_iface == "none") and not installing
# roles/0-init/tasks/hostname.yml ALSO does this:
- name: 'Put FQDN & hostnames in /etc/hosts: "127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan" (if iiab_lan_iface == "none" and not installing, appliance mode?)'
lineinfile:
path: /etc/hosts
regexp: '^127\.0\.0\.1'
line: '127.0.0.1 {{ iiab_hostname }}.{{ iiab_domain }} localhost.localdomain localhost {{ iiab_hostname }} box box.lan'
owner: root
group: root
mode: 0644
when: iiab_lan_iface == "none" and not installing

0
roles/network/tasks/ifcfg_mods.yml → roles/network/tasks/fedora/ifcfg_mods.yml
View file

0
roles/network/tasks/redetect.yml → roles/network/tasks/fedora/redetect.yml
View file

0
roles/network/tasks/static.yml → roles/network/tasks/fedora/static.yml
View file

104
roles/network/tasks/hostapd.yml
View file

@ -1,7 +1,23 @@
- name: Turn off hostapd when no wifi interface present or in "Appliance Mode"
- name: Unmask the Access Point 'hostapd' service
systemd:
name: hostapd
enabled: no
masked: no
- name: Disable hostapd when not using ap0 and wifi gateway present, or no WiFi hardware present
set_fact:
hostapd_enabled: False
when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance"
when: (not wifi_up_down and discovered_wireless_iface == iiab_wan_iface) or discovered_wireless_iface == "none"
- name: Detect current Wifi channel
shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2
register: current_host_channel
when: discovered_wireless_iface != "none"
- name: Setting WiFi channel to {{ current_host_channel.stdout }}
set_fact:
host_channel: "{{ current_host_channel.stdout }}"
when: current_host_channel.stdout is defined and current_host_channel.stdout != "" and current_host_channel.stdout|int <= 13
- name: Create /etc/hostapd/hostapd.conf from template
template:
@ -14,21 +30,38 @@
- name: Create backup /etc/hostapd/hostapd.conf.iiab from template
template:
src: hostapd/iiab-hostapd.conf.j2
src: hostapd/hostapd.conf.j2
dest: /etc/hostapd/hostapd.conf.iiab
owner: root
group: root
mode: 0644
when: discovered_wireless_iface != "none"
- name: Use custom systemd unit file to start 'hostapd' service
- name: Generate new random mac address for ap0
shell: tr -dc A-F0-9 < /dev/urandom | head -c 10 | sed -r 's/(..)/\1:/g;s/:$//;s/^/02:/'
register: ap0_mac
- name: Setting ap0 mac address for use in hostapd service file
set_fact:
ap0_mac_addr: "{{ ap0_mac.stdout }}"
- name: Use custom 'hostapd' systemd service unit file using ap0 when wifi_up_down
template:
src: hostapd/hostapd.service.j2
dest: /etc/systemd/system/hostapd.service
owner: root
group: root
mode: 0644
when: discovered_wireless_iface != "none"
when: discovered_wireless_iface != "none" and wifi_up_down
- name: Use custom 'hostapd' systemd service unit file for {{ discovered_wireless_iface }} when not wifi_up_down
template:
src: hostapd/hostapd.legacy.j2
dest: /etc/systemd/system/hostapd.service
owner: root
group: root
mode: 0644
when: discovered_wireless_iface != "none" and not wifi_up_down
- name: Create /usr/bin/iiab-hotspot-on from template
template:
@ -37,7 +70,6 @@
owner: root
group: root
mode: 0755
when: is_raspbian | bool
- name: Create /usr/bin/iiab-hotspot-off from template
template:
@ -46,14 +78,60 @@
owner: root
group: root
mode: 0755
when: is_raspbian | bool
- name: Disable the Access Point 'hostapd' service
systemd:
name: hostapd
enabled: no
# cheap workaround for when /etc/init.d is populated
# when: not hostapd_enabled
- name: Create dhcpcd hook for hostapd and ap0 when wifi_up_down True
template:
src: hostapd/50-hostapd
dest: /lib/dhcpcd/dhcpcd-hooks/50-hostapd
owner: root
group: root
mode: 0644
when: is_raspbian and wifi_up_down
- name: Remove dhcpcd hook for hostapd if WiFi is not split using ap0
file:
path: /lib/dhcpcd/dhcpcd-hooks/50-hostapd
state: absent
when: is_raspbian and not wifi_up_down
- name: Create networkd-dispatcher diagnosic hook for recording network events
template:
owner: root
group: root
mode: 0755
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/carrier.d/00-iiab-debug' }
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/degraded.d/00-iiab-debug' }
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/dormant.d/00-iiab-debug' }
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/no-carrier.d/00-iiab-debug' }
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/off.d/00-iiab-debug' }
- { src: 'hostapd/00-iiab-debug', dest: '/etc/networkd-dispatcher/routable.d/00-iiab-debug' }
when: systemd_networkd_active and discovered_wireless_iface != "none"
- name: Create networkd-dispatcher hook for hostapd wifi_up_down True
template:
owner: root
group: root
mode: 0755
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: 'hostapd/netd-disp', dest: '/etc/networkd-dispatcher/carrier.d/iiab-wifi' }
- { src: 'hostapd/netd-disp', dest: '/etc/networkd-dispatcher/no-carrier.d/iiab-wifi' }
- { src: 'hostapd/netd-disp', dest: '/etc/networkd-dispatcher/routable.d/iiab-wifi' }
when: systemd_networkd_active and discovered_wireless_iface != "none" and wifi_up_down
- name: Remove networkd-dispatcher hook wifi_up_down False
file:
path: "{{ item.dest }}"
state: absent
with_items:
- { dest: '/etc/networkd-dispatcher/carrier.d/iiab-wifi' }
- { dest: '/etc/networkd-dispatcher/no-carrier.d/iiab-wifi' }
- { dest: '/etc/networkd-dispatcher/routable.d/iiab-wifi' }
when: systemd_networkd_active and discovered_wireless_iface != "none" and not wifi_up_down
- name: Enable the Access Point 'hostapd' service
systemd:

33
roles/network/tasks/main.yml
View file

@ -1,13 +1,12 @@
- include_tasks: detected_network.yml
when: not installing # REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml
- name: IF WIFI IS PRIMARY GATEWAY, PLEASE RUN 'iiab-hotspot-on' MANUALLY
set_fact:
hostapd_enabled: False # used in (1) hostapd.yml, (2) rpi_debian.yml +
# (3) its dhcpcd.conf.j2, (4) restart.yml
no_net_restart: True # used below in (1) sysd-netd-debian.yml,
# (2) debian.yml, (3) rpi_debian.yml
when: discovered_wireless_iface == iiab_wan_iface and not reboot_to_AP
# (2) debian.yml, (3) rpi_debian.yml,
# (4) NM-debian.yml
when: discovered_wireless_iface == iiab_wan_iface
# EITHER WAY: hostapd_enabled's state is RECORDED into {{ iiab_env_file }}
# in hostapd.yml for later use by...
# /usr/libexec/iiab-startup.sh, iiab-hotspot-off & iiab-hotspot-on
@ -25,9 +24,6 @@
# when: is_raspbian and discovered_wireless_iface is defined and discovered_wireless_iface == iiab_wan_iface and reboot_to_AP
- include_tasks: computed_network.yml
when: not installing #REMOVE THIS LINE IF installing IS ALWAYS false AS SET IN roles/0-init/defaults/main.yml
- include_tasks: hostapd.yml
#- name: RPi - don't reboot to AP post install - installed via wifi - don't blow away current network
# set_fact:
@ -35,13 +31,6 @@
# hostapd_enabled: False
# when: is_raspbian and discovered_wireless_iface is defined and discovered_wired_iface != iiab_wan_iface
##### Start static ip address info for first run #####
#- include_tasks: static.yml
# when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"'
##### End static ip address info
#- include_tasks: hosts.yml
- name: Configure wondershaper
include_tasks: wondershaper.yml
when: wondershaper_install or wondershaper_installed is defined
@ -58,9 +47,15 @@
include_tasks: squid.yml
when: squid_install and FQDN_changed and iiab_stage|int == 9
#preprep for backends
- name: Netplan in use on Ubuntu 18.04+
include_tasks: netplan.yml
when: is_ubuntu and not is_ubuntu_16
#### Start services
- include_tasks: avahi.yml
- include_tasks: hostapd.yml
- include_tasks: computed_services.yml
- include_tasks: enable_services.yml
@ -73,12 +68,6 @@
when: is_redhat | bool
#and not installing
- name: Netplan in use on Ubuntu 18.04+
include_tasks: netplan.yml
when: is_ubuntu and not is_ubuntu_16
#when: is_ubuntu_18 | bool
#and not installing
- name: NetworkManager in use
include_tasks: NM-debian.yml
when: is_debuntu and network_manager_active
@ -89,7 +78,7 @@
when: is_debuntu and systemd_networkd_active
#and not installing
- name: RPi's have dhcpcd in use
- name: Raspbian uses dhcpcd only with no N-M or SYS-NETD active
include_tasks: rpi_debian.yml
when: is_raspbian
#and not installing

61
roles/network/tasks/netplan.yml
View file

@ -1,20 +1,14 @@
- name: Figure out netplan file name
shell: ls /etc/netplan
register: netplan
- name: Disable cloud-init the easy way
shell: touch /etc/cloud/cloud-init.disabled
when: ("item" == "50-cloud-init.yaml")
when: item|trim == "50-cloud-init.yaml"
with_items:
- "{{ netplan.stdout_lines }}"
- name: Remove stock netplan template
file:
state: absent
path: /etc/netplan/{{ item }}
- name: Moving 50-cloud-init.yaml to 02-iiab-config.yaml
shell: mv /etc/netplan/50-cloud-init.yaml /etc/netplan/02-iiab-config.yaml
when: netplan.stdout.find("yaml") != -1 and item|trim == "50-cloud-init.yaml"
with_items:
- "{{ netplan.stdout_lines }}"
when: netplan.stdout.find("yaml") != -1
- name: Cheap way to do systemd unmask
file:
@ -29,25 +23,46 @@
- systemd-networkd-wait-online
when: systemd_networkd_active | bool
- name: Unmask and enable the systemd-networkd service for br0
systemd:
name: systemd-networkd
enabled: yes
masked: no
when: network_manager_active | bool and iiab_lan_iface == "br0"
- name: Ensure systemd-networkd gets enabled for br0
set_fact:
systemd_networkd_active: True
when: network_manager_active | bool and iiab_lan_iface == "br0"
# ICO will always set gui_static_wan_ip away from the default of 'unset' while
# gui_static_wan turns dhcp on/off through wan_ip in computed_network and
# overrides gui_static_wan_ip that is present. Changing wan_ip in local_vars
# is a oneway street to static.
- name: Static IP computing CIDR
shell: netmask {{ wan_ip }}/{{ wan_netmask }} | awk -F "/" '{print $2}'
register: CIDR
when: wan_ip != "dhcp"
#- name: Static IP computing CIDR
# shell: netmask {{ wan_ip }}/{{ wan_netmask }} | awk -F "/" '{print $2}'
# register: CIDR
# when: wan_ip != "dhcp"
- name: Static IP setting CIDR
set_fact:
wan_cidr: "{{ CIDR.stdout }}"
when: wan_ip != "dhcp"
#- name: Static IP setting CIDR
# set_fact:
# wan_cidr: "{{ CIDR.stdout }}"
# when: wan_ip != "dhcp"
- name: Supply netplan template
template:
dest: /etc/netplan/01-iiab-config.yaml
src: network/netplan.j2
backup: no
- name: Remove stock netplan template
file:
state: absent
path: /etc/netplan/{{ item }}
when: netplan.stdout.find("yaml") != -1 and item|trim != "02-iiab-config.yaml" and wan_ip != "dhcp"
with_items:
- "{{ netplan.stdout_lines }}"
#- name: Supply netplan template
# template:
# dest: /etc/netplan/01-iiab-config.yaml
# src: network/netplan.j2
# backup: no
# when: iiab_wan_iface != discovered_wireless_iface and wan_ip != "dhcp"
# should blow up here if we messed up the yml file
#- name: Generate netplan config

22
roles/network/tasks/restart.yml
View file

@ -1,8 +1,14 @@
- name: Restart hostapd when WiFi is present
#iiab_wireless_lan_iface(wlan0) - wifi_up_down False needs hw
#iiab_wireless_lan_iface(ap0) - wifi_up_down True needs hw
#hostapd_enabled False - set in hostapd.yml to avoid the enable with wifi_up_down False
#no_net_restart: True - main.yml discovered_wireless_iface == iiab_wan_iface
- name: Restart hostapd when WiFi is present but not when using WiFi as gateway
systemd:
name: hostapd
state: restarted
when: iiab_wireless_lan_iface is defined and hostapd_enabled and iiab_network_mode != "Appliance"
# when: iiab_wireless_lan_iface is defined and hostapd_enabled and discovered_wireless_iface != iiab_wan_iface
# when: hostapd_enabled and iiab_wireless_lan_iface is defined and discovered_wireless_iface == iiab_wireless_lan_iface
when: hostapd_enabled and not no_net_restart
- name: Start named service
systemd:
@ -53,6 +59,11 @@
creates: /etc/sysconfig/olpc-scripts/setup.d/installed/gateway
when: iiab_network_mode == "Gateway"
#netplan de-configures pre-created bridged interfaces
#- name: Reload netplan when Wifi is not gateway on Ubuntu 18+
# shell: netplan apply
# when: not no_net_restart and is_ubuntu and netplan.stdout.find("yaml") != -1
- name: Waiting {{ hostapd_wait }} seconds for network to stabilize (dnsmasq will fail if br0 isn't in a 'up' state!)
shell: sleep {{ hostapd_wait }}
@ -61,7 +72,7 @@
- name: Checking if WiFi slave is active
shell: brctl show br0 | grep {{ iiab_wireless_lan_iface }} | wc -l
when: hostapd_enabled and iiab_wireless_lan_iface is defined and iiab_lan_iface == "br0"
when: hostapd_enabled and discovered_wireless_iface != iiab_wan_iface and iiab_lan_iface == "br0"
register: wifi_slave
- name: Restart hostapd if WiFi slave is inactive
@ -70,10 +81,13 @@
state: restarted
when: hostapd_enabled and wifi_slave.stdout is defined and wifi_slave.stdout == 0
#both interfaces.d and systemd-networkd should have br0 available and Appliance lacks br0
- name: User choice of dnsmasq or dhcpd - restarting {{ dhcp_service2 }}
systemd:
name: "{{ dhcp_service2 }}"
state: restarted
when: not no_net_restart
when: (not no_net_restart) or wifi_up_down
#when: (iiab_network_mode != "Appliance") # Sufficient b/c br0 exists thanks to /etc/network/interfaces.d/iiab
#when: iiab_network_mode != "Appliance" and iiab_wan_iface != discovered_wireless_iface
#keep an eye on legacy wifi installs where br0 is present but not 'online' with an ip address
#due to hostapd didn't go to a carrier state. All others should get dnsmasq restarted

16
roles/network/tasks/sysd-netd-debian.yml
View file

@ -11,11 +11,14 @@
src: network/systemd-br0-network.j2
when: iiab_lan_iface == "br0"
- name: Copy the bridge script - Assigns br0 wired slaves
# can be more than one wired interface
- name: Wired enslaving - Assigns lan_list_results to br0 as wired slaves if present
template:
dest: /etc/systemd/network/IIAB-Slave.network
src: network/systemd-br0-slave.j2
when: iiab_wired_lan_iface is defined and iiab_lan_iface == "br0"
dest: /etc/systemd/network/IIAB-Slave-{{ item|trim }}.network
with_items:
- "{{ lan_list_result.stdout_lines }}"
when: iiab_wired_lan_iface is defined and num_lan_interfaces|int >= 1 and not network_manager_active
- name: Remove static WAN template
file:
@ -33,11 +36,12 @@
wan_cidr: "{{ CIDR.stdout }}"
when: wan_ip != "dhcp"
- name: Supply static WAN template (ubuntu-16)
- name: Supply static WAN template when network_manager_active is False
template:
dest: /etc/systemd/network/IIAB-Static.network
src: network/systemd-static-net.j2
when: wan_ip != "dhcp" and is_ubuntu_16
when: wan_ip != "dhcp" and ( is_ubuntu_16 or not network_manager_active )
#when: wan_ip != "dhcp" and not is_ubuntu_18
- name: Stopping services
@ -50,6 +54,4 @@
- name: Restart the systemd-networkd service
systemd:
name: systemd-networkd
enabled: yes
state: restarted
when: not nobridge is defined and not no_net_restart

2
roles/network/templates/hostapd/00-iiab-debug Normal file
View file

@ -0,0 +1,2 @@
#!/bin/bash
echo "NET-DISP-$AdministrativeState $IFACE $STATE"

20
roles/network/templates/hostapd/50-hostapd Normal file
View file

@ -0,0 +1,20 @@
if [ "$interface" = "wlan0" ]; then
REASON="$reason"
if [ "$reason" = "CARRIER" ]; then
syslog info "50-iiab CARRIER change wlan0"
# wpa_supplicant wants MHz for frequency= while hostapd wants channel..... whatever
# FREQ=`iw wlan0 info|grep channel|cut -d' ' -f9`
FREQ=`iw wlan0 info|grep channel|cut -d' ' -f2`
syslog info "40-iiab set channel $FREQ"
sed -i -e "s/^channel.*/channel=$FREQ /" /etc/hostapd/hostapd.conf
# will need a reboot for hostapd if the channel changed
fi
# spams the logging
#syslog info "50-iiab set ap0 spam $REASON"
if [ -e /sys/class/net/ap0 ] && ! [ "$reason" = "ROUTERADVERT" ]; then
syslog info "50-iiab set ap0 up $REASON"
# keeps ap0 up so hostapd works
ip link set ap0 up
fi
fi

3
roles/network/templates/hostapd/70-persistent-net.rules Normal file
View file

@ -0,0 +1,3 @@
SUBSYSTEM=="ieee80211", ACTION=="add|change", KERNEL=="phy0", \
RUN+="/sbin/iw phy phy0 interface add ap0 type __ap", \
RUN+="/sbin/ip link set ap0 address {{ ap0_mac_addr }}"

3
roles/network/templates/hostapd/hostapd.conf.j2
View file

@ -1,7 +1,6 @@
# Basic configuration
interface={% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %}
interface={{ iiab_wireless_lan_iface }}
ssid={{ host_ssid }}
channel={{ host_channel }}

12
roles/network/templates/hostapd/hostapd.legacy.j2 Normal file
View file

@ -0,0 +1,12 @@
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Before=network.target
Wants=network-pre.target
[Service]
Type=idle
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd -P /run/hostapd.pid /etc/hostapd/hostapd.conf
[Install]
WantedBy=multi-user.target

24
roles/network/templates/hostapd/hostapd.service.j2
View file

@ -1,12 +1,30 @@
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Before=network.target
Wants=network-pre.target
After=network-pre.target
{% if is_raspbian %}
Before=dhcpcd.service
{% endif %}
Before=wpa_supplicant.service
Before=wpa_supplicant@{{ discovered_wireless_iface }}.service
{% if network_manager_active %}
Before=network-manager.service
{% endif %}
{% if is_ubuntu and netplan.stdout.find("yaml") != -1 %}
Before=netplan-wpa-{{ discovered_wireless_iface }}.service
{% endif %}
Before=network.target
[Service]
Type=idle
Type=forking
Restart=on-failure
RestartSec=2
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd -P /run/hostapd.pid /etc/hostapd/hostapd.conf
ExecStartPre=-/sbin/iw phy phy0 interface add ap0 type __ap
ExecStartPre=-/sbin/ip link set ap0 address {{ ap0_mac_addr }}
ExecStart=/usr/sbin/hostapd -B -P /run/hostapd.pid /etc/hostapd/hostapd.conf
ExecStartPost=-/sbin/ip link set ap0 up
ExecStopPost=-/sbin/iw dev ap0 del
[Install]
WantedBy=multi-user.target

32
roles/network/templates/hostapd/iiab-hostapd.conf.j2
View file

@ -1,32 +0,0 @@
# Basic configuration
interface={{ discovered_wireless_iface }}
ssid={{ host_ssid }}
channel={{ host_channel }}
{%if iiab_lan_iface == "br0" %}
bridge=br0
{% endif %}
# Hardware configuration
driver={{ driver_name }}
{%if host_wireless_n %}
ieee80211n=1
{% endif %}
country_code={{ host_country_code }}
# limit emissions to what is legal in country
ieee80211d=1
hw_mode={{ host_wifi_mode }}
{%if hostapd_secure %}
# Use WPA authentication
auth_algs=1
# Use WPA2
wpa=2
# Use a pre-shared key
wpa_key_mgmt=WPA-PSK
# The network passphrase
wpa_passphrase={{ hostapd_password }}
# Use AES, instead of TKIP
rsn_pairwise=CCMP
{% endif %}

7
roles/network/templates/hostapd/netd-disp Normal file
View file

@ -0,0 +1,7 @@
#!/bin/bash
if [ "$IFACE" == "{{ discovered_wireless_iface }}" ]; then
echo "NET-DISP-WiFi $IFACE $STATE"
/usr/sbin/ip link set ap0 up
fi

3
roles/network/templates/network/ap0-manage.conf Normal file
View file

@ -0,0 +1,3 @@
# IIAB WiFi
[keyfile]
unmanaged-devices=interface-name:ap0

19
roles/network/templates/network/dhcpcd.conf.j2
View file

@ -38,21 +38,22 @@ require dhcp_server_identifier
slaac private
# IIAB
denyinterfaces {{ iiab_wireless_lan_iface }}
# Setting iiab_wired_lan_iface would install the device as a slave under
# br0 so we need to turn off the dhcp client in that network layout.
# Auto creation of the wired slave is suppressed in discovered_network.yml
# -> Set iiab_wired_lan_iface if present is conditional on is_raspbian
# Slave creation can be forced by populating local_vars.yml with
# 'iiab_wired_lan_iface: eth0' which populates /etc/network/interfaces.d/iiab
# with 'bridge_ports eth0' in place of 'bridge_ports none'
# Always (try) to run DHCP client on RPi's Ethernet port, for in-field
# "cablemodems" used by many non-technical operators, who want Zero-Hassle
# Updates. This means AVOIDING "denyinterfaces eth0" below:
{% if is_raspbian and hostapd_enabled %}
denyinterfaces{% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }}{% endif %}
{% elif is_raspbian %}
#denyinterfaces{% if discovered_wireless_iface != "none" %} {{ discovered_wireless_iface }}{% endif %}
{% else %}
denyinterfaces{% if iiab_wireless_lan_iface is defined %} {{ iiab_wireless_lan_iface }}{% endif %}{% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %}
{% if iiab_wired_lan_iface is defined %}
denyinterfaces {{ iiab_wired_lan_iface }}
{% endif %}
# FYI this 'denyinterfaces' line (here in /etc/dhcpcd.conf) is commented out by
# /usr/bin/iiab-hotspot-off, and uncommented by /usr/bin/iiab-hotspot-on
{% if dhcpcd_result == "enabled" and iiab_lan_iface != "none" %}
interface {{ iiab_lan_iface }}
static ip_address={{ lan_ip }}/19

4
roles/network/templates/network/dnsmasq.sh.j2
View file

@ -1,5 +1,7 @@
#!/bin/bash
if [ "$IFACE" == "{{ iiab_lan_iface }}" ]; then
/bin/systemctl restart dnsmasq.service
echo "Restarting dnsmasq in 5 seconds"
/bin/sleep 5 && /bin/systemctl --no-block restart dnsmasq.service
echo "Restarting dnsmasq"
fi

23
roles/network/templates/network/iiab-hotspot-off
View file

@ -1,4 +1,6 @@
#!/bin/bash
{% if is_raspbian %}
# hotspot-off before ap0_updown
sed -i -e "s/^denyinterfaces/#denyinterfaces/" /etc/dhcpcd.conf
systemctl disable hostapd
systemctl stop hostapd
@ -7,13 +9,24 @@ systemctl stop hostapd
systemctl daemon-reload
systemctl restart dhcpcd
#systemctl restart networking 6/15/2019 TFM removed
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=False/" {{ iiab_env_file }}
# Temporary promiscuous-mode workaround for RPi's WiFi "10SEC disease"
# Set wlan0 to promiscuous when AP's OFF (for possible WiFi gateway)
# SEE ALSO iiab-hotspot-on + /usr/libexec/iiab-startup.sh
# https://github.com/iiab/iiab/issues/638#issuecomment-355455454
if grep -qi raspbian /etc/*release; then
ip link set dev wlan0 promisc on
fi
#if grep -qi raspbian /etc/*release; then
# ip link set dev wlan0 promisc on
#fi
{% else %}
systemctl disable hostapd
systemctl stop hostapd
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=False/" {{ iiab_env_file }}
echo " IIAB hotspot access point Disabled"
{% if wifi_up_down %}
exit 0
{% else %}
sed -i -e "s|managed=0|managed=1|" /etc/NetworkManager/conf.d/wifi-manage.conf
echo -e "\nPlease reboot to enable upstream WiFi access.\n"
exit 0
{% endif %}
{% endif %}

26
roles/network/templates/network/iiab-hotspot-on
View file

@ -1,24 +1,36 @@
#!/bin/bash
{% if is_raspbian %}
# just do what we have always done in hotspot-on
cp -f /etc/hostapd/hostapd.conf.iiab /etc/hostapd/hostapd.conf
sed -i -e "s/^#denyinterfaces/denyinterfaces/" /etc/dhcpcd.conf
# shut down wlan0 in case connected to network
ip link set wlan0 down
systemctl enable hostapd
#systemctl enable dnsmasq
#systemctl daemon-reload
systemctl daemon-reload
systemctl restart dhcpcd
#systemctl restart networking 6/15/2019 TFM removed
systemctl start hostapd
systemctl start dnsmasq
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=True/" {{ iiab_env_file }}
# Temporary promiscuous-mode workaround for RPi's WiFi "10SEC disease"
# Disable "promiscuous" on wlan0 when AP (i.e. no WiFi gateway)
# SEE ALSO iiab-hotspot-off + /usr/libexec/iiab-startup.sh
# https://github.com/iiab/iiab/issues/638#issuecomment-355455454
if grep -qi raspbian /etc/*release; then
ip link set dev wlan0 promisc off
fi
#if grep -qi raspbian /etc/*release; then
# ip link set dev wlan0 promisc off
#fi
{% else %}
systemctl enable hostapd
sed -i -e "s/^HOSTAPD_ENABLED.*/HOSTAPD_ENABLED=True/" {{ iiab_env_file }}
echo -e "\nPlease consider rebooting now.\n"
{% if wifi_up_down %}
echo -e "\nPlease reboot to activate hostapd feature.\n"
exit 0
{% else %}
sed -i -e "s|managed=1|managed=0|" /etc/NetworkManager/conf.d/wifi-manage.conf
echo -e "\nPlease reboot to activate hostapd feature.\n"
exit 0
{% endif %}
{% endif %}

4
roles/network/templates/network/manage.conf.j2 Normal file
View file

@ -0,0 +1,4 @@
# IIAB WiFi
[device]
match-device=interface-name:{{ discovered_wireless_iface }}
managed=1

2
roles/network/templates/network/rpi.j2
View file

@ -3,6 +3,8 @@
# gui_desired_network_role is {{ gui_desired_network_role }}
{% endif %}
{% if iiab_network_mode != "Appliance" %}
# auto wired slave creation is suppressed in detected_network.yml
# 'none' would become the name of the wired slave device.
################# LANCONTROLLER ###################
auto br0
iface br0 inet manual

1
roles/network/templates/network/systemd-br0-network.j2
View file

@ -5,6 +5,7 @@ Name=br0
[Network]
Address={{ lan_ip }}/19
LinkLocalAddressing=no
ConfigureWithoutCarrier=yes
# Commenting the below line as it has been causing race/looping issues between dnsmasq and systemd-resolved
# IIAB ticket #1747
#DNS={{ lan_ip }}

6
roles/network/templates/network/systemd-br0-slave.j2
View file

@ -1,5 +1,9 @@
# /etc/systemd/network/IIAB-Slave.network
# /etc/systemd/network/IIAB-Slave-{{ iiab_wired_lan_iface }}.network
[Match]
Name={{ iiab_wired_lan_iface }}
[Link]
RequiredForOnline=no
[Network]
Bridge=br0

6
roles/nginx/README.md
View file

@ -10,7 +10,7 @@
2. Without PHP available via FastCGI, any function at all for PHP-based applications validates NGINX.
3. Current state of IIAB App/Service migrations as of 2020-04-24:
3. Current state of IIAB App/Service migrations as of 2020-04-29:
1. These support "Native" NGINX but ***NOT*** Apache
* Admin Console
@ -39,7 +39,7 @@
* nodered
4. These each run their own web server or non-web / backend services, e.g. off of their own [unique port(s)](https://github.com/iiab/iiab/wiki/IIAB-Networking#list-of-ports--services) (IIAB home pages link directly to these destinations). In future we'd like mnemonic URL's for all of these: (e.g. http://box/calibre, http://box/archive, http://box/kalite)
* calibre (menu goes directly to port 8080) [*]
* calibre (menu goes directly to port 8080)
* internetarchive (menu goes directly to port 4244, [PR #2120](https://github.com/iiab/iiab/pull/2120)) [*]
* kalite (menu goes directly to ports 8006-8008)
* minetest [*]
@ -47,4 +47,4 @@
* pbx [*]
* transmission [*]
[*] The 5 above starred roles could use improvement, as of 2020-04-24.
[*] The 4 above starred roles could use improvement, as of 2020-04-29.

0
scripts/calibre-install-latest-rpi-plus.sh → scripts/calibre-install-latest-rpi-plus.sh.unused
View file

0
scripts/calibre-install-latest.sh → scripts/calibre-install-latest.sh.unused
View file

0
scripts/calibre-install-packages.sh → scripts/calibre-install-packages.sh.unusued
View file

0
scripts/calibre-install-pinned-rpi.sh → scripts/calibre-install-pinned-rpi.sh.unused
View file

0
scripts/calibre-install-unstable.sh → scripts/calibre-install-unstable.sh.unused
View file

3
vars/centos-7.yml
View file

@ -25,6 +25,3 @@ sshd_service: sshd
php_version: 7.0
postgresql_version: 9.5
systemd_location: /usr/lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/debian-10.yml
View file

@ -25,6 +25,3 @@ sshd_service: ssh
php_version: 7.3
postgresql_version: 11
systemd_location: /lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/debian-8.yml
View file

@ -24,6 +24,3 @@ sshd_service: ssh
php_version: 5
postgresql_version: 9.4
systemd_location: /lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/debian-9.yml
View file

@ -25,6 +25,3 @@ sshd_service: ssh
php_version: 7.0
postgresql_version: 9.6
systemd_location: /lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

5
vars/default_vars.yml
View file

@ -98,9 +98,8 @@ hostapd_enabled: True
# Above is forcibly set to False (in roles/network/tasks/main.yml) if IIAB is
# being WiFi-installed (run "iiab-hotspot-on" AFTER ./iiab-install completes
# and content is downloaded, to enable the internal WiFi Access Point / AP!)
reboot_to_AP: False
# For those installing IIAB over WiFi: "reboot_to_AP: True" overrides the above
# detection of WiFi-as-gateway, forcing "hostapd_enabled: True" regardless.
wifi_up_down: True # Creates a second virtual wifi adapter for WiFi upstream to internet
# as well as classroom hotspot, use iiab_gateway_enabled for pass through
# Gateway mode
iiab_lan_enabled: True

3
vars/fedora-18.yml
View file

@ -26,6 +26,3 @@ sshd_service: sshd
nextcloud_install: False
nextcloud_enabled: False
systemd_location: /usr/lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/fedora-22.yml
View file

@ -22,6 +22,3 @@ apache_log: /var/log/httpd/access_log
sshd_package: openssh-server
sshd_service: sshd
systemd_location: /usr/lib/systemd/system
# Upgrade OS's own Calibre to very latest:
calibre_via_debs: False
calibre_via_python: True

2
vars/local_vars_big.yml
View file

@ -46,6 +46,8 @@ host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme
wifi_up_down: True # Creates a second virtual wifi adapter for WiFi upstream to internet
# as well as classroom hotspot, use iiab_gateway_enabled for pass through
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
wan_ip: dhcp # wan_ip: 192.168.1.99

2
vars/local_vars_medium.yml
View file

@ -46,6 +46,8 @@ host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme
wifi_up_down: True # Creates a second virtual wifi adapter for WiFi upstream to internet
# as well as classroom hotspot, use iiab_gateway_enabled for pass through
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
wan_ip: dhcp # wan_ip: 192.168.1.99

2
vars/local_vars_min.yml
View file

@ -46,6 +46,8 @@ host_wifi_mode: g
host_channel: 6
hostapd_secure: False
hostapd_password: changeme
wifi_up_down: True # Creates a second virtual wifi adapter for WiFi upstream to internet
# as well as classroom hotspot, use iiab_gateway_enabled for pass through
# See "How do I set a static IP address?" for Ethernet, in http://FAQ.IIAB.IO
wan_ip: dhcp # wan_ip: 192.168.1.99

5
vars/raspbian-10.yml
View file

@ -27,11 +27,6 @@ sshd_service: ssh
php_version: 7.3
postgresql_version: 11
systemd_location: /lib/systemd/system
# Upgrade Raspbian Buster's Calibre 3.x: (via role/calibre/tasks/debs.yml,
# with .deb's released about 5-10 days after Calibre's quasi-monthly releases)
calibre_via_debs: True
# roles/calibre/tasks/py-installer.yml FAILS on ARM as of 2018-05-10:
calibre_via_python: False
# minetest for rpi
minetest_server_bin: /library/games/minetest/bin/minetestserver

5
vars/raspbian-8.yml
View file

@ -26,8 +26,3 @@ sshd_service: ssh
php_version: 5
postgresql_version: 9.4
systemd_location: /lib/systemd/system
# Upgrade Raspbian Jessie's Calibre 2.5.0: (via role/calibre/tasks/debs.yml,
# with .deb's released about 5-10 days after Calibre's quasi-monthly releases)
calibre_via_debs: True
# roles/calibre/tasks/py-installer.yml FAILS on ARM as of 2018-05-10:
calibre_via_python: False

5
vars/raspbian-9.yml
View file

@ -27,11 +27,6 @@ sshd_service: ssh
php_version: 7.0
postgresql_version: 9.6
systemd_location: /lib/systemd/system
# Upgrade Raspbian Stretch's Calibre 2.75.1: (via role/calibre/tasks/debs.yml,
# with .deb's released about 5-10 days after Calibre's quasi-monthly releases)
calibre_via_debs: True
# roles/calibre/tasks/py-installer.yml FAILS on ARM as of 2018-05-10:
calibre_via_python: False
# minetest for rpi
minetest_server_bin: /library/games/minetest/bin/minetestserver

3
vars/ubuntu-16.yml
View file

@ -25,6 +25,3 @@ sshd_service: ssh
php_version: 7.0
postgresql_version: 9.5
systemd_location: /lib/systemd/system
# Upgrade Ubuntu 16.04's Calibre 2.55.0 to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/ubuntu-17.yml
View file

@ -26,6 +26,3 @@ sshd_service: ssh
php_version: 7.1
postgresql_version: 9.6
systemd_location: /lib/systemd/system
# Upgrade Ubuntu 17.10's Calibre 3.7.0 to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/ubuntu-18.yml
View file

@ -27,6 +27,3 @@ php_version: 7.2
# "postgresql_version: 10.3" fails (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 18.04)
postgresql_version: 10
systemd_location: /lib/systemd/system
# Upgrade Ubuntu 18.04's Calibre 3.21.0 to very latest:
calibre_via_debs: False
calibre_via_python: True

3
vars/ubuntu-19.yml
View file

@ -27,6 +27,3 @@ php_version: 7.3
# "postgresql_version: 11.2" fails (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 19.04)
postgresql_version: 11
systemd_location: /lib/systemd/system
# Upgrade Ubuntu 19.x's Calibre 3.39.1+ to very latest
calibre_via_debs: False
calibre_via_python: True

3
vars/ubuntu-20.yml
View file

@ -27,6 +27,3 @@ php_version: 7.4
# "postgresql_version: 11.2" failed (too detailed for /etc/systemd/system/postgresql-iiab.service on Ubuntu 19.04)
postgresql_version: 12
systemd_location: /lib/systemd/system
# Upgrade Ubuntu 20.04's Calibre 4.x to very latest...for now?
calibre_via_debs: False
calibre_via_python: True