From 357eff658507a4b10aa8a39fa9c7b4965c55390a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:03:28 -0400 Subject: [PATCH 01/30] Rename centos.yml to centos.yml.unused --- roles/2-common/tasks/{centos.yml => centos.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{centos.yml => centos.yml.unused} (100%) diff --git a/roles/2-common/tasks/centos.yml b/roles/2-common/tasks/centos.yml.unused similarity index 100% rename from roles/2-common/tasks/centos.yml rename to roles/2-common/tasks/centos.yml.unused From d7c9c29b34c88dcc99669bca7b49ca12b63a5066 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:03:42 -0400 Subject: [PATCH 02/30] Rename fedora.yml to fedora.yml.unused --- roles/2-common/tasks/{fedora.yml => fedora.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{fedora.yml => fedora.yml.unused} (100%) diff --git a/roles/2-common/tasks/fedora.yml b/roles/2-common/tasks/fedora.yml.unused similarity index 100% rename from roles/2-common/tasks/fedora.yml rename to roles/2-common/tasks/fedora.yml.unused From 1a790cc51c213f059a324d77cf42802ff7e32560 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:04:12 -0400 Subject: [PATCH 03/30] Rename net_mods.yml to net_mods.yml.unused --- roles/2-common/tasks/{net_mods.yml => net_mods.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{net_mods.yml => net_mods.yml.unused} (100%) diff --git a/roles/2-common/tasks/net_mods.yml b/roles/2-common/tasks/net_mods.yml.unused similarity index 100% rename from roles/2-common/tasks/net_mods.yml rename to roles/2-common/tasks/net_mods.yml.unused From d7218a54f7c7d72481f6182e39e778f910be25e6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:04:45 -0400 Subject: [PATCH 04/30] Rename prep.yml to prep.yml.unused --- roles/2-common/tasks/{prep.yml => prep.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{prep.yml => prep.yml.unused} (100%) diff --git a/roles/2-common/tasks/prep.yml b/roles/2-common/tasks/prep.yml.unused similarity index 100% rename from roles/2-common/tasks/prep.yml rename to roles/2-common/tasks/prep.yml.unused From b16c402b126827b13244cf69c431172ca33a8622 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:05:01 -0400 Subject: [PATCH 05/30] Rename xo.yml to xo.yml.unused --- roles/2-common/tasks/{xo.yml => xo.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{xo.yml => xo.yml.unused} (100%) diff --git a/roles/2-common/tasks/xo.yml b/roles/2-common/tasks/xo.yml.unused similarity index 100% rename from roles/2-common/tasks/xo.yml rename to roles/2-common/tasks/xo.yml.unused From 36d163333fce5f411c933d4181fb07c8559c1371 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:05:19 -0400 Subject: [PATCH 06/30] Rename yum-historical.yml to yum-historical.yml.unused --- .../tasks/{yum-historical.yml => yum-historical.yml.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/tasks/{yum-historical.yml => yum-historical.yml.unused} (100%) diff --git a/roles/2-common/tasks/yum-historical.yml b/roles/2-common/tasks/yum-historical.yml.unused similarity index 100% rename from roles/2-common/tasks/yum-historical.yml rename to roles/2-common/tasks/yum-historical.yml.unused From 969d093c3cf899df75af22d0cccf6add6cbeac9b Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:42:11 -0400 Subject: [PATCH 07/30] 2-common/tasks/main.yml: Comment out unused code --- roles/2-common/tasks/main.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 3e4e17131..f4d86732e 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -7,20 +7,20 @@ include_tasks: fl.yml # UNMAINTAINED -- include_tasks: centos.yml - when: ansible_distribution == "CentOS" +#- include_tasks: centos.yml +# when: ansible_distribution == "CentOS" # UNMAINTAINED -- include_tasks: fedora.yml - when: ansible_distribution == "Fedora" +#- include_tasks: fedora.yml +# when: ansible_distribution == "Fedora" # UNMAINTAINED -- include_tasks: prep.yml - when: not is_debuntu +#- include_tasks: prep.yml +# when: not is_debuntu # UNMAINTAINED -- include_tasks: xo.yml - when: xo_model != "none" or osbuilder is defined +#- include_tasks: xo.yml +# when: xo_model != "none" or osbuilder is defined - include_tasks: packages.yml - include_tasks: network.yml @@ -49,8 +49,8 @@ # src: zzz_iiab.sh # UNMAINTAINED -- include_tasks: net_mods.yml - when: not is_debuntu and not is_F18 +#- include_tasks: net_mods.yml +# when: not is_debuntu and not is_F18 - include_tasks: iiab-startup.yml From d305e138528fc1426e7e73422059b840249a3fae Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:48:14 -0400 Subject: [PATCH 08/30] 2-common/tasks/network.yml: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible --- roles/2-common/tasks/network.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/roles/2-common/tasks/network.yml b/roles/2-common/tasks/network.yml index cc1615a58..9b3257e09 100644 --- a/roles/2-common/tasks/network.yml +++ b/roles/2-common/tasks/network.yml @@ -24,3 +24,20 @@ src: iptables dest: /etc/network/if-pre-up.d/iptables mode: '0755' + +# Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: +- name: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible + sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot + name: "{{ item.name }}" + value: "{{ item.value }}" + with_items: + - { name: 'net.ipv4.ip_forward', value: '1' } # Masquerading LAN->Internet + - { name: 'net.ipv4.conf.default.rp_filter', value: '1' } + - { name: 'net.ipv4.conf.default.accept_source_route', value: '0' } + #- { name: 'kernel.sysrq', value: '1' } # OS values differ, Ok? + - { name: 'kernel.core_uses_pid', value: '1' } + #- { name: 'net.ipv4.tcp_syncookies', value: '1' } # Very standard in 2020 + #- { name: 'kernel.shmmax', value: '268435456' } # OS values differ, Ok? + - { name: 'net.ipv6.conf.all.disable_ipv6', value: '1' } # IPv6 disabled + #- { name: 'net.ipv6.conf.default.disable_ipv6', value: '1' } # AUTO-SET + #- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE From 5aa1a21c079d0af8b21dfaa9a4d1060a59831f56 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:57:19 -0400 Subject: [PATCH 09/30] 2-common/tasks/main.yml made far more readable --- roles/2-common/tasks/main.yml | 37 +++++++++++------------------------ 1 file changed, 11 insertions(+), 26 deletions(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index f4d86732e..048b455c7 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -1,11 +1,18 @@ # Common OS-Level Additions & Mods (that only need to be performed once) - name: ...IS BEGINNING ========================================== - command: echo + meta: noop - name: Create IIAB directory structure ("file layout") include_tasks: fl.yml +- include_tasks: packages.yml + +- name: 'Network prep, including partial setup of iptables (firewall). SEE ALSO: 1-prep/tasks/raspberry_pi.yml' + include_tasks: network.yml + +- include_tasks: iiab-startup.yml + # UNMAINTAINED #- include_tasks: centos.yml # when: ansible_distribution == "CentOS" @@ -22,25 +29,9 @@ #- include_tasks: xo.yml # when: xo_model != "none" or osbuilder is defined -- include_tasks: packages.yml -- include_tasks: network.yml - -# Ongoing rework (e.g. PR #2652) arising from ansible.posix collection changes: -- name: Use 'sysctl' to set 5 network/kernel settings, turning off IPv6 if possible - sysctl: # Places these settings in /etc/sysctl.conf, to survive reboot - name: "{{ item.name }}" - value: "{{ item.value }}" - with_items: - - { name: 'net.ipv4.ip_forward', value: '1' } # Masquerading LAN->Internet - - { name: 'net.ipv4.conf.default.rp_filter', value: '1' } - - { name: 'net.ipv4.conf.default.accept_source_route', value: '0' } - #- { name: 'kernel.sysrq', value: '1' } # OS values differ, Ok? - - { name: 'kernel.core_uses_pid', value: '1' } - #- { name: 'net.ipv4.tcp_syncookies', value: '1' } # Very standard in 2020 - #- { name: 'kernel.shmmax', value: '268435456' } # OS values differ, Ok? - - { name: 'net.ipv6.conf.all.disable_ipv6', value: '1' } # IPv6 disabled - #- { name: 'net.ipv6.conf.default.disable_ipv6', value: '1' } # AUTO-SET - #- { name: 'net.ipv6.conf.lo.disable_ipv6', value: '1' } # BY ABOVE +# UNMAINTAINED +#- include_tasks: net_mods.yml +# when: not is_debuntu and not is_F18 # UNMAINTAINED #- name: Install /etc/profile.d/zzz_iiab.sh from template, to add sbin dirs to unprivileged users' $PATH @@ -48,12 +39,6 @@ # dest: /etc/profile.d/zzz_iiab.sh # src: zzz_iiab.sh -# UNMAINTAINED -#- include_tasks: net_mods.yml -# when: not is_debuntu and not is_F18 - -- include_tasks: iiab-startup.yml - - name: Recording STAGE 2 HAS COMPLETED ========================== lineinfile: path: "{{ iiab_env_file }}" From 8f2bfef24b41a93b6301ad18eef00ecde4da7f73 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:58:15 -0400 Subject: [PATCH 10/30] Tweak 2-common/tasks/main.yml --- roles/2-common/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/tasks/main.yml b/roles/2-common/tasks/main.yml index 048b455c7..21ae62a6a 100644 --- a/roles/2-common/tasks/main.yml +++ b/roles/2-common/tasks/main.yml @@ -8,7 +8,7 @@ - include_tasks: packages.yml -- name: 'Network prep, including partial setup of iptables (firewall). SEE ALSO: 1-prep/tasks/raspberry_pi.yml' +- name: 'Network prep, including partial setup of iptables (firewall) -- SEE ALSO: 1-prep/tasks/raspberry_pi.yml' include_tasks: network.yml - include_tasks: iiab-startup.yml From 1e9bd4d90b64863cf554e3fd712fdb71f4ae1a43 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 01:59:43 -0400 Subject: [PATCH 11/30] Rename iptables-config to iptables-config.unused --- .../templates/{iptables-config => iptables-config.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{iptables-config => iptables-config.unused} (100%) diff --git a/roles/2-common/templates/iptables-config b/roles/2-common/templates/iptables-config.unused similarity index 100% rename from roles/2-common/templates/iptables-config rename to roles/2-common/templates/iptables-config.unused From 3017480dfff539f05c1958eae4a8bee0cd77921d Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:16:37 -0400 Subject: [PATCH 12/30] Rename ansible.repo to ansible.repo.unused --- roles/2-common/templates/{ansible.repo => ansible.repo.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{ansible.repo => ansible.repo.unused} (100%) diff --git a/roles/2-common/templates/ansible.repo b/roles/2-common/templates/ansible.repo.unused similarity index 100% rename from roles/2-common/templates/ansible.repo rename to roles/2-common/templates/ansible.repo.unused From 2d7b0a1ebdaa669c4c8b6e02bf88db0842e6c4d7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:16:50 -0400 Subject: [PATCH 13/30] Rename iiab-centos.repo to iiab-centos.repo.unused --- .../templates/{iiab-centos.repo => iiab-centos.repo.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{iiab-centos.repo => iiab-centos.repo.unused} (100%) diff --git a/roles/2-common/templates/iiab-centos.repo b/roles/2-common/templates/iiab-centos.repo.unused similarity index 100% rename from roles/2-common/templates/iiab-centos.repo rename to roles/2-common/templates/iiab-centos.repo.unused From b305528d54cff207ba27881ae1a8d4d9833ea3b5 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:17:24 -0400 Subject: [PATCH 14/30] Update and rename iiab-extra.repo to iiab-extra.repo.unused --- .../templates/{iiab-extra.repo => iiab-extra.repo.unused} | 1 - 1 file changed, 1 deletion(-) rename roles/2-common/templates/{iiab-extra.repo => iiab-extra.repo.unused} (99%) diff --git a/roles/2-common/templates/iiab-extra.repo b/roles/2-common/templates/iiab-extra.repo.unused similarity index 99% rename from roles/2-common/templates/iiab-extra.repo rename to roles/2-common/templates/iiab-extra.repo.unused index d8977bb36..8218e57a8 100644 --- a/roles/2-common/templates/iiab-extra.repo +++ b/roles/2-common/templates/iiab-extra.repo.unused @@ -13,4 +13,3 @@ baseurl=http://download.iiab.io/repos/xsce-extra/ enabled=1 metadata_expire=1d gpgcheck=0 - From 752fd1ee72d1b4f398b5ada705497bd9e6ea98e7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:17:49 -0400 Subject: [PATCH 15/30] Rename iiab-testing.repo to iiab-testing.repo.unused --- .../templates/{iiab-testing.repo => iiab-testing.repo.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{iiab-testing.repo => iiab-testing.repo.unused} (100%) diff --git a/roles/2-common/templates/iiab-testing.repo b/roles/2-common/templates/iiab-testing.repo.unused similarity index 100% rename from roles/2-common/templates/iiab-testing.repo rename to roles/2-common/templates/iiab-testing.repo.unused From 06c4543828913d63f8b3b1e3b7bdb868a75379f0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:18:08 -0400 Subject: [PATCH 16/30] Update and rename li.nux.ro.repo to li.nux.ro.repo.unused --- .../templates/{li.nux.ro.repo => li.nux.ro.repo.unused} | 2 -- 1 file changed, 2 deletions(-) rename roles/2-common/templates/{li.nux.ro.repo => li.nux.ro.repo.unused} (98%) diff --git a/roles/2-common/templates/li.nux.ro.repo b/roles/2-common/templates/li.nux.ro.repo.unused similarity index 98% rename from roles/2-common/templates/li.nux.ro.repo rename to roles/2-common/templates/li.nux.ro.repo.unused index 299d01fe5..2e0a28112 100644 --- a/roles/2-common/templates/li.nux.ro.repo +++ b/roles/2-common/templates/li.nux.ro.repo.unused @@ -4,5 +4,3 @@ baseurl=http://li.nux.ro/download/nux/dextop/el7/x86_64/ enabled=0 gpgcheck=1 gpgkey=http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro - - From c5b5b4c213f7037a618baf26f9b05408e765d585 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:18:20 -0400 Subject: [PATCH 17/30] Rename local.repo to local.repo.unused --- roles/2-common/templates/{local.repo => local.repo.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/2-common/templates/{local.repo => local.repo.unused} (100%) diff --git a/roles/2-common/templates/local.repo b/roles/2-common/templates/local.repo.unused similarity index 100% rename from roles/2-common/templates/local.repo rename to roles/2-common/templates/local.repo.unused From 45515f3ceb0962f98407e8ded5b46b5e7040a0bf Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 02:19:04 -0400 Subject: [PATCH 18/30] Update and rename rpmfusion-free-updates.repo to rpmfusion-free-updates.repo.unused --- ...sion-free-updates.repo => rpmfusion-free-updates.repo.unused} | 1 - 1 file changed, 1 deletion(-) rename roles/2-common/templates/{rpmfusion-free-updates.repo => rpmfusion-free-updates.repo.unused} (99%) diff --git a/roles/2-common/templates/rpmfusion-free-updates.repo b/roles/2-common/templates/rpmfusion-free-updates.repo.unused similarity index 99% rename from roles/2-common/templates/rpmfusion-free-updates.repo rename to roles/2-common/templates/rpmfusion-free-updates.repo.unused index 9ac901387..e10a34ab6 100644 --- a/roles/2-common/templates/rpmfusion-free-updates.repo +++ b/roles/2-common/templates/rpmfusion-free-updates.repo.unused @@ -21,4 +21,3 @@ mirrorlist=http://mirrors.rpmfusion.org/mirrorlist?repo=free-fedora-updates-rele enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-$releasever - From ce6c5c507dbe81c24da78b28ebb2e485073e1315 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:02:23 -0400 Subject: [PATCH 19/30] Update 2-common/README.rst --- roles/2-common/README.rst | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/roles/2-common/README.rst b/roles/2-common/README.rst index 90bee5c7e..5e1724d20 100644 --- a/roles/2-common/README.rst +++ b/roles/2-common/README.rst @@ -2,7 +2,13 @@ 2-common README =============== -This 2nd stage is for OS-level roles/packages/tasks *common* to all platforms, -prerequisites to building up a functioning server. +This 2nd `stage `_ is for OS-level basics *common* to all platforms, i.e. core prerequisites to building up a functioning `Internet-in-a-Box (IIAB) `_ server. -As in the case of 3-base-server, 4-server-options and 5-xo-services: this stage installs core server infra, that is not user-facing. +These are (partially) put in place: + +- IIAB directory structure (`file layout `_) +- Common `apt `_ software packages +- Networking (including the `iptables `_ firewall) +- `/usr/libexec/iiab-startup.sh `_ similar to AUTOEXEC.BAT and /etc/rc.local, in order to run jobs on boot + +As with 0-init, 1-prep, 3-base-server, 4-server-options and 5-xo-services, this stage installs core server infra (that is not user-facing). From 79003cdeb33c3a583b42b342c6a7c9184cc8b7bd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:04:37 -0400 Subject: [PATCH 20/30] Update 3-base-server/README.rst --- roles/3-base-server/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/3-base-server/README.rst b/roles/3-base-server/README.rst index a7abce597..1fae65ca0 100644 --- a/roles/3-base-server/README.rst +++ b/roles/3-base-server/README.rst @@ -2,7 +2,7 @@ 3-base-server README ==================== -This 3rd stage installs base server infra that Internet-in-a-Box requires, including: +This 3rd `stage `_ installs base server infra that `Internet-in-a-Box (IIAB) `_ requires, including: - `MySQL `_ (database underlying many/most user-facing apps). This IIAB role also installs apt package: - **php{{ php_version }}-mysql** — which forcibly installs **php{{ php_version }}-common** @@ -10,6 +10,6 @@ This 3rd stage installs base server infra that Internet-in-a-Box requires, inclu - **php{{ php_version }}-fpm** — which forcibly installs **php{{ php_version }}-cli**, **php{{ php_version }}-common** and **libsodium23** - `www_base `_ (similar to `www_options `_ which runs later in 4-server-options) -Recap: as with 2-common, 4-server-options and 5-xo-services, this 3rd stage installs core server infra (that is not user-facing). +Recap: as with 0-init, 1-prep, 2-common, 4-server-options and 5-xo-services, this 3rd stage installs core server infra (that is not user-facing). The next stage (4-server-options) brings more diverse/optional server infra functionality. From ac855c4a17a3a36ee0693e97e8582dbc20ba8c87 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:05:45 -0400 Subject: [PATCH 21/30] Update 2-common/README.rst --- roles/2-common/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/README.rst b/roles/2-common/README.rst index 5e1724d20..df00cf7e1 100644 --- a/roles/2-common/README.rst +++ b/roles/2-common/README.rst @@ -11,4 +11,4 @@ These are (partially) put in place: - Networking (including the `iptables `_ firewall) - `/usr/libexec/iiab-startup.sh `_ similar to AUTOEXEC.BAT and /etc/rc.local, in order to run jobs on boot -As with 0-init, 1-prep, 3-base-server, 4-server-options and 5-xo-services, this stage installs core server infra (that is not user-facing). +Recap: as with 0-init, 1-prep, 3-base-server, 4-server-options and 5-xo-services, this 2nd stage installs core server infra (that is not user-facing). From 342942d46c1c8e31e1e1b7f33b64324f342a2f4a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:23:06 -0400 Subject: [PATCH 22/30] Update 4-server-options/README.rst --- roles/4-server-options/README.rst | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/roles/4-server-options/README.rst b/roles/4-server-options/README.rst index 61d79f77e..7384135b4 100644 --- a/roles/4-server-options/README.rst +++ b/roles/4-server-options/README.rst @@ -2,8 +2,18 @@ 4-server-options README ======================= -Whereas 3-base-server installs critical packages needed by all, this 4th stage installs a broad array of *options* -- depending on which server apps will be installed in later stages -- as specified in /etc/iiab/local_vars.yml +Whereas 3-base-server installs critical packages needed by all, this 4th `stage `_ installs a broad array of *options* ⁠— depending on which server apps will be installed in later stages ⁠— as specified in `/etc/iiab/local_vars.yml `_ -This includes some networking fundamentals, before they're configured later on. +This includes more networking fundamentals, that may further be configured later on. -As in the case of 2-common, 3-base-server and 5-xo-services: this stage installs core server infra, that is not user-facing. +Specifically, these might be installed: + +- Python libraries +- SSH daemon +- Bluetooth for Raspberry Pi +- Instant-sharing of `USB stick content `_ +- CUPS Printing +- Samba for Windows filesystems +- `www_options `_ + +Recap: as in the case of 0-init, 1-prep, 2-common, 3-base-server and 5-xo-services ⁠— this 4th stage installs core server infra (that is not user-facing). From 331d1e03d04823700a503ce5ec5051ff5292e2cf Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:24:08 -0400 Subject: [PATCH 23/30] Tweak 4-server-options/README.rst --- roles/4-server-options/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/README.rst b/roles/4-server-options/README.rst index 7384135b4..6eb3fb46e 100644 --- a/roles/4-server-options/README.rst +++ b/roles/4-server-options/README.rst @@ -16,4 +16,4 @@ Specifically, these might be installed: - Samba for Windows filesystems - `www_options `_ -Recap: as in the case of 0-init, 1-prep, 2-common, 3-base-server and 5-xo-services ⁠— this 4th stage installs core server infra (that is not user-facing). +Recap: as with 0-init, 1-prep, 2-common, 3-base-server and 5-xo-services ⁠— this 4th stage installs core server infra (that is not user-facing). From 62126adc03797d7cb1332b83555c625348b8fcf2 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:25:40 -0400 Subject: [PATCH 24/30] Update 5-xo-services/README.rst --- roles/5-xo-services/README.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/5-xo-services/README.rst b/roles/5-xo-services/README.rst index 1cb725bf7..42c73832c 100644 --- a/roles/5-xo-services/README.rst +++ b/roles/5-xo-services/README.rst @@ -2,6 +2,6 @@ 5-xo-services README ==================== -This 5th stage provides underlying services for One Laptop Per Child's XO laptops. +This 5th `stage `_ provides underlying services for One Laptop Per Child's XO laptops. -As in the case of 2-common, 3-base-server and 4-server-options: this stage installs core server infra, that is not user-facing. +Recap: As with 0-init, 1-prep, 2-common, 3-base-server and 4-server-options — this 5th stage installs core server infra (that is not user-facing). From 97434c98cac54a24f138b87c9322bce29d15d561 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:28:09 -0400 Subject: [PATCH 25/30] Tweak 3-base-server/README.rst --- roles/3-base-server/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/3-base-server/README.rst b/roles/3-base-server/README.rst index 1fae65ca0..e458d7be0 100644 --- a/roles/3-base-server/README.rst +++ b/roles/3-base-server/README.rst @@ -10,6 +10,6 @@ This 3rd `stage `_ (similar to `www_options `_ which runs later in 4-server-options) -Recap: as with 0-init, 1-prep, 2-common, 4-server-options and 5-xo-services, this 3rd stage installs core server infra (that is not user-facing). +Recap: As with 0-init, 1-prep, 2-common, 4-server-options and 5-xo-services — this 3rd stage installs core server infra (that is not user-facing). The next stage (4-server-options) brings more diverse/optional server infra functionality. From 647e85d84edca9a2abd9738fc9328f1221ccf8c8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:28:38 -0400 Subject: [PATCH 26/30] Tweak 4-server-options/README.rst --- roles/4-server-options/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/4-server-options/README.rst b/roles/4-server-options/README.rst index 6eb3fb46e..6355f85e7 100644 --- a/roles/4-server-options/README.rst +++ b/roles/4-server-options/README.rst @@ -16,4 +16,4 @@ Specifically, these might be installed: - Samba for Windows filesystems - `www_options `_ -Recap: as with 0-init, 1-prep, 2-common, 3-base-server and 5-xo-services ⁠— this 4th stage installs core server infra (that is not user-facing). +Recap: As with 0-init, 1-prep, 2-common, 3-base-server and 5-xo-services ⁠— this 4th stage installs core server infra (that is not user-facing). From dd584a0c6a7238764227270b76986a632cac4beb Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:29:49 -0400 Subject: [PATCH 27/30] Tweak 2-common/README.rst --- roles/2-common/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/2-common/README.rst b/roles/2-common/README.rst index df00cf7e1..be1ccd5c9 100644 --- a/roles/2-common/README.rst +++ b/roles/2-common/README.rst @@ -11,4 +11,4 @@ These are (partially) put in place: - Networking (including the `iptables `_ firewall) - `/usr/libexec/iiab-startup.sh `_ similar to AUTOEXEC.BAT and /etc/rc.local, in order to run jobs on boot -Recap: as with 0-init, 1-prep, 3-base-server, 4-server-options and 5-xo-services, this 2nd stage installs core server infra (that is not user-facing). +Recap: As with 0-init, 1-prep, 3-base-server, 4-server-options and 5-xo-services — this 2nd stage installs core server infra (that is not user-facing). From ce01a544bc6c23c5694fa8d4091aaa71f4d05393 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:33:23 -0400 Subject: [PATCH 28/30] Update 1-prep/README.rst --- roles/1-prep/README.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/1-prep/README.rst b/roles/1-prep/README.rst index b8fe2d884..ef512e620 100644 --- a/roles/1-prep/README.rst +++ b/roles/1-prep/README.rst @@ -2,8 +2,8 @@ 1-prep README ============= -This 1st stage (1-prep) is primarily hardware-focused, prior to OS -additions/mods, but also includes critical pieces sometimes needed for +This 1st `stage `_ (1-prep) is primarily hardware-focused, prior to OS +additions/mods — but also includes critical pieces sometimes needed for remote support: - SSH @@ -14,3 +14,5 @@ Traditionally 1-prep also included preliminaries like hostname and hardware-oriented things specific to a particular platform (such as One Laptop Per Child's XO laptop) i.e. critical setup prior to the bulk of IIAB's software install. + +Recap: Similar to 0-init, 2-common, 3-base-server and 5-xo-services ⁠— this 1st stage installs core server infra (that is not user-facing). From 83a692cb47f70f77077540b3dc3b588122697e2a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 03:46:42 -0400 Subject: [PATCH 29/30] Update: 0-init/README.rst --- roles/0-init/README.rst | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/0-init/README.rst b/roles/0-init/README.rst index acceaff33..a206b7d09 100644 --- a/roles/0-init/README.rst +++ b/roles/0-init/README.rst @@ -2,8 +2,10 @@ 0-init README ============= -For a higher-level view, please see `IIAB Installation `_ and http://FAQ.IIAB.IO +For a higher-level view of `Internet-in-a-Box (IIAB) `_, please see http://FAQ.IIAB.IO and `IIAB Installation `_. -This 0th stage literally sets the stage for Internet-in-a-Box (IIAB) installation, prior to Ansible running `Stages 1-to-9 <.>`_ and then the `network <../network>`_ stage. +This 0th `stage `_ literally sets the stage for IIAB installation, prior to Ansible running Stages 1-to-9, which are typically then followed by the `network <../network>`_ stage. -This serves to confirm low-level Ansible facts from the OS — e.g. for housekeeping tasks related to TZ (time zone), hostname, FQDN (fully-qualified domain name), unusual systemwide dependencies etc — and whether Internet is live so that IIAB installation can proceed. +But first: This 0th stage (0-init) serves to confirm low-level Ansible facts from the OS — e.g. for housekeeping tasks related to TZ (time zone), hostname, FQDN (fully-qualified domain name), unusual systemwide dependencies etc (and whether Internet is live) — so that IIAB installation can get underway. + +Recap: Similar to 1-prep, 2-common, 3-base-server, 4-server-options and 5-xo-services ⁠— this 0th stage installs core server infra (that is not user-facing). From ad895d71f34889b40e67982145e917311564dbcc Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 28 Jul 2021 04:04:51 -0400 Subject: [PATCH 30/30] Update 1-prep/README.rst --- roles/1-prep/README.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/1-prep/README.rst b/roles/1-prep/README.rst index ef512e620..d2b3bb8ee 100644 --- a/roles/1-prep/README.rst +++ b/roles/1-prep/README.rst @@ -6,13 +6,17 @@ This 1st `stage `_ username and group to log into Admin Console - OpenVPN software if/as needed later for remote support +- `raspberry_pi.yml `_ including RTC, essential packages, and networking basics Traditionally 1-prep also included preliminaries like hostname and hardware-oriented things specific to a particular platform (such as One Laptop Per Child's XO laptop) i.e. critical setup prior to the bulk of IIAB's software install. -Recap: Similar to 0-init, 2-common, 3-base-server and 5-xo-services ⁠— this 1st stage installs core server infra (that is not user-facing). +Recap: Similar to 0-init, 2-common, 3-base-server, 4 server-options and 5-xo-services ⁠— this 1st stage installs core server infra (that is not user-facing).