external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-15 04:32:11 +00:00
Code Issues Releases Wiki Activity

Merge pull request #2693 from jvonau/debian_mate

Browse source 
Debian mate
This commit is contained in:
A Holt 2021-04-29 11:16:05 -04:00 committed by GitHub
commit f1fcdb82bc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 52 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
roles/2-common/tasks/iptables.yml
View file

@ -1,54 +0,0 @@
- name: Disable firewalld service (OS's other than debuntu)
service:
name: firewalld
enabled: no
when: not is_debuntu
# Likely no longer nec as of 2019
- name: Use larger hammer -- systemctl disable firewalld -- 2 symbolic links involved (OS's other than debuntu)
shell: systemctl disable firewalld.service
when: not is_debuntu
- name: Mask firewalld service (OS's other than debuntu)
shell: systemctl mask firewalld
ignore_errors: yes
when: not installing and not is_debuntu
- name: Stop firewalld service (OS's other than debuntu)
service:
name: firewalld
state: stopped
ignore_errors: yes
when: not installing and not is_debuntu
- name: Remove /etc/systemd/system/iptables.service
file:
path: /etc/systemd/system/iptables.service
state: absent
- name: Install package iptables-persistent (debuntu)
package:
name: iptables-persistent
state: present
when: is_debuntu
- name: Install package iptables-services (OS's other than debuntu)
package:
name: iptables-services
state: present
when: not is_debuntu
- name: Install /etc/sysconfig/iptables-config from template
template:
src: iptables-config
dest: /etc/sysconfig/iptables-config
# owner: root
# group: root
# mode: '0644'
- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
template:
src: iptables
dest: /etc/network/if-pre-up.d/iptables
mode: '0755'
when: is_debuntu

2
roles/2-common/tasks/main.yml
View file

@ -19,7 +19,7 @@
when: xo_model != "none" or osbuilder is defined when: xo_model != "none" or osbuilder is defined
- include_tasks: packages.yml - include_tasks: packages.yml
- include_tasks: iptables.yml - include_tasks: network.yml
# Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: # Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes:
- name: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible - name: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible

23
roles/2-common/tasks/network.yml Normal file
View file

@ -0,0 +1,23 @@
- name: Install package networkd-dispatcher (OS's other than RaspOS)
package:
name: networkd-dispatcher
state: present
when: not is_raspbian
# used in the network role
- name: Install network related packages (debuntu)
package:
name:
- iproute2
- iptables-persistent
- hostapd
- netmask
state: present
when: is_debuntu
- name: Install /etc/network/if-pre-up.d/iptables from template (debuntu)
template:
src: iptables
dest: /etc/network/if-pre-up.d/iptables
mode: '0755'
when: is_debuntu

4
roles/2-common/tasks/packages.yml
View file

@ -27,7 +27,7 @@
state: present state: present
when: is_debuntu when: is_debuntu
- name: "Install 22 common packages: acpid, bridge-utils, bzip2, curl, gawk, hostapd, htop, i2c-tools, logrotate, make, mlocate, netmask, net-tools, ntfs-3g, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget" - name: "Install 20 common packages: acpid, bridge-utils, bzip2, curl, gawk, hostapd, htop, i2c-tools, logrotate, make, mlocate, netmask, net-tools, ntfs-3g, pandoc, pastebinit, rsync, sqlite3, tar, unzip, usbutils, wget"
package: package:
name: name:
- acpid # Daemon for ACPI (power mgmt) events - acpid # Daemon for ACPI (power mgmt) events
@ -35,7 +35,6 @@
- curl # Used to install roles/nodejs and roles/nodered - curl # Used to install roles/nodejs and roles/nodered
#- etckeeper # "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146 #- etckeeper # "nobody is really using etckeeper and it's bloating the filesystem every time apt runs" per @jvonau at https://github.com/iiab/iiab/issues/1146
- gawk - gawk
- hostapd
- htop - htop
- i2c-tools # Low-level bus/chip/register/EEPROM tools e.g. for RTC - i2c-tools # Low-level bus/chip/register/EEPROM tools e.g. for RTC
- iproute2 - iproute2
@ -43,7 +42,6 @@
#- lynx # Installed by 1-prep's roles/iiab-admin/tasks/access.yml #- lynx # Installed by 1-prep's roles/iiab-admin/tasks/access.yml
- make # 2021-04-26: What roles (if any) truly still use this? - make # 2021-04-26: What roles (if any) truly still use this?
- mlocate - mlocate
- netmask
- net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output? - net-tools # 2021-04-26: @jvonau suggests possibly deleting this...unless oldtimers really want these older commands in iiab-diagnostics output?
- ntfs-3g # Possibly no longer nec, similar to exfat packages above? - ntfs-3g # Possibly no longer nec, similar to exfat packages above?
#- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml #- openssh-server # ssh (Raspbian) or openssh-server (other OS's) already installed by 1-prep's roles/sshd/tasks/main.yml

5
roles/network/tasks/NM-debian.yml
View file

@ -70,9 +70,14 @@
mode: 0600 mode: 0600
when: wan_ip != "dhcp" when: wan_ip != "dhcp"
- name: Use systemd-networkd to handle br0
include_tasks: sysd-netd-debian.yml
when: iiab_lan_iface == "br0" and not systemd_networkd_active
- name: Reload systemd - name: Reload systemd
systemd: systemd:
daemon_reload: yes daemon_reload: yes
when: not iiab_lan_iface == "br0"
- name: Restart the NetworkManager service - name: Restart the NetworkManager service
systemd: systemd:

22
roles/network/tasks/netplan.yml
View file

@ -23,17 +23,19 @@
- systemd-networkd-wait-online - systemd-networkd-wait-online
when: systemd_networkd_active when: systemd_networkd_active
- name: Unmask and enable the systemd-networkd service for br0 # Moved to NM-debian.yml 2020-12-07
systemd: #- name: Unmask and enable the systemd-networkd service for br0
name: systemd-networkd # systemd:
enabled: yes # name: systemd-networkd
masked: no # enabled: yes
when: network_manager_active and iiab_lan_iface == "br0" # masked: no
# when: network_manager_active and iiab_lan_iface == "br0"
- name: Ensure systemd-networkd gets enabled for br0 # Moved to NM-debian.yml 2020-12-07
set_fact: #- name: Ensure systemd-networkd gets enabled for br0
systemd_networkd_active: True # set_fact:
when: network_manager_active and iiab_lan_iface == "br0" # systemd_networkd_active: True
# when: network_manager_active and iiab_lan_iface == "br0"
# ICO will always set gui_static_wan_ip away from the default of 'unset' while # ICO will always set gui_static_wan_ip away from the default of 'unset' while
# gui_static_wan turns dhcp on/off through wan_ip in computed_network and # gui_static_wan turns dhcp on/off through wan_ip in computed_network and

11
roles/network/tasks/sysd-netd-debian.yml
View file

@ -57,10 +57,19 @@
state: started state: started
when: wifi_up_down and discovered_wireless_iface != "none" when: wifi_up_down and discovered_wireless_iface != "none"
- name: Restart the systemd-networkd service - name: Enable & Restart systemd-networkd.service
systemd: systemd:
name: systemd-networkd name: systemd-networkd
state: restarted state: restarted
enabled: yes
masked: no
- name: Enable & Restart networkd-dispatcher.service
systemd:
name: networkd-dispatcher
state: restarted
enabled: yes
masked: no
- name: Restart hostapd when WiFi is present but not when using WiFi as gateway with wifi_up_down False - name: Restart hostapd when WiFi is present but not when using WiFi as gateway with wifi_up_down False
systemd: systemd: