Merge pull request #537 from jvonau/had-1116-short

had-1116-short: wifi install auto AP on reboot
2025-02-14 20:22:08 +00:00 · 2017-11-20 12:31:25 -05:00 · 2017-11-20 12:31:25 -05:00 · fb4b5b9368
commit fb4b5b9368
parent bac2012f05 20398be41a
17 changed files with 169 additions and 44 deletions
--- a/iiab-from-console.yml
+++ b/iiab-from-console.yml
@ -16,3 +16,4 @@
      - { role: 7-edu-apps, tags: ['7-edu-apps'] }
      - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
      - { role: 9-local-addons, tags: ['9-local-addons'] }
+      - { role: network, tags: ['network'] }
--- a/10
+++ b/10
@ -70,15 +70,7 @@ fi
 # Stage 0 will always be run.  From there on up to Stage 9 we keep a counter
 # (in /etc/iiab/iiab.env) of the highest completed Stage.  Avoid repetition!
 STAGE=0
-if [ ! -f /etc/iiab/iiab.env ]; then
-    mkdir -p /etc/iiab
-    echo "Ran 'mkdir -p /etc/iiab'"
-    # ./runtags and Admin Console currently require /etc/iiab/config_vars.yml (in future they may be self-sufficient?)
-    if [ ! -f /etc/iiab/config_vars.yml ]; then
-        echo "{}" > /etc/iiab/config_vars.yml
-        echo "Created stub /etc/iiab/config_vars.yml"
-    fi
-else
+if [ -f /etc/iiab/iiab.env ]; then
    if [[ `grep STAGE= /etc/iiab/iiab.env` ]]; then
        source /etc/iiab/iiab.env
        echo "Extracted STAGE="$STAGE" (counter) from /etc/iiab/iiab.env"
--- a/iiab-stages.yml
+++ b/iiab-stages.yml
@ -68,3 +68,8 @@
      name: 9-local-addons
    when: ansible_local.local_facts.stage|int < 9
    tags: 9-local-addons
+
+  - name: Network
+    include_role:
+      name: network
+    tags: network
--- a/iiab.yml
+++ b/iiab.yml
@ -19,3 +19,4 @@
      - { role: 7-edu-apps, tags: ['7-edu-apps'] }
      - { role: 8-mgmt-tools, tags: ['8-mgmt-tools'] }
      - { role: 9-local-addons, tags: ['9-local-addons'] }
+      - { role: network, tags: ['network'] }
--- a/roles/0-init/tasks/first_run.yml
+++ b/roles/0-init/tasks/first_run.yml
@ -1,6 +1,5 @@
- name: Write iiab_ini.yml for the first time
-  include_tasks: iiab_ini.yml
-
 - name: Create the directory structure for IIAB
  include_tasks: fl.yml

+- name: Write iiab_ini.yml for the first time
+  include_tasks: iiab_ini.yml
--- a/roles/0-init/tasks/fl.yml
+++ b/roles/0-init/tasks/fl.yml
@ -5,6 +5,7 @@
        mode=0755
        state=directory
  with_items:
+    - /etc/iiab
    - "{{ yum_packages_dir }}"
    - "{{ pip_packages_dir }}"
    - "{{ downloads_dir }}"
@ -14,6 +15,7 @@
    - /library/working/rachel
    - "{{ iiab_zim_path }}/content"
    - "{{ iiab_zim_path }}/index"
+    - "{{ doc_root }}/local_content"
    - "{{ doc_root }}/modules"
    - "{{ doc_root }}/common/css"
    - "{{ doc_root }}/common/js"
--- a/roles/3-base-server/tasks/main.yml
+++ b/roles/3-base-server/tasks/main.yml
@ -21,10 +21,6 @@
  # has no "when: XXXXX_install" flag
  tags: base, mysql

- name: Make sure there is a content directory
-  file: dest={{ doc_root }}/local_content
-        state=directory
-
 - name: Restart httpd
  service: name={{ apache_service }}
           state=restarted
--- a/roles/4-server-options/tasks/main.yml
+++ b/roles/4-server-options/tasks/main.yml
@ -15,31 +15,31 @@
  when: openvpn_install
  tags: openvpn

- name: Configuring wondershaper
-  include_tasks: roles/network/tasks/wondershaper.yml
-  when: wondershaper_install
-  tags: wondershaper, network
+#- name: Configuring wondershaper
+#  include_tasks: roles/network/tasks/wondershaper.yml
+#  when: wondershaper_install
+#  tags: wondershaper, network

- name: Configuring named
+- name: Installing named
  include_tasks: roles/network/tasks/named.yml
-  when: FQDN_changed
-  tags: named, network, domain
+  when: named_install
+  tags: base, named, network, domain

- name: Configuring dhcpd
+- name: Installing dhcpd
  include_tasks: roles/network/tasks/dhcpd.yml
-  when: FQDN_changed
-  tags: dhcpd, network, domain
+  when: dhcpd_install
+  tags: base, dhcpd, network, domain

- name: Configuring Squid
+- name: Installing Squid
  include_tasks: roles/network/tasks/squid.yml
  when: squid_install
-  tags: squid, network, domain
+  tags: base, squid, network, domain

- name: NETWORK
-  include_role:
-    name: network
-  # has no "when: XXXXX_install" flag
-  tags: base, network
+#- name: NETWORK
+#  include_role:
+#    name: network
+#  # has no "when: XXXXX_install" flag
+#  tags: base, network

 - name: HOMEPAGE
  include_role:
--- a/roles/network/tasks/detected_network.yml
+++ b/roles/network/tasks/detected_network.yml
@ -60,9 +60,10 @@
  set_fact:
     wifi2: "{{ item|trim }}"
     discovered_wireless_iface: "{{ item|trim }}"
-  when: wireless_list2.stdout != "" and item|trim != discovered_wan_iface
+  when: wireless_list2.stdout is defined
  with_items:
      - "{{ wireless_list2.stdout_lines }}"
+#item|trim != discovered_wan_iface

 - name: Count WiFi ifaces
  shell: "ls -la /sys/class/net/*/phy80211 | awk -F / '{print $5}' | wc -l"
--- a/roles/network/tasks/enable_services.yml
+++ b/roles/network/tasks/enable_services.yml
@ -1,3 +1,9 @@
+- name: Disable the Access Point 'hostapd' service
+  service: enabled=no
+           name=hostapd.service
+  when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance"
+#or not hostapd_enabled
+
 - name: Disable dhcpd service
  service: name=dhcpd
           enabled=no
@ -46,7 +52,7 @@
  when: not dnsmasq_enabled and dnsmasq_install

 - name: dnsmasq copy config file to /etc
-  template: src=network/dnsmasq.conf dest=/etc/
+  template: src=network/dnsmasq.conf.j2 dest=/etc/
  when: dnsmasq_enabled and dnsmasq_install

 - name: Enable dnsmasq
--- a/roles/network/tasks/hostapd.yml
+++ b/roles/network/tasks/hostapd.yml
@ -4,12 +4,20 @@
            owner=root
            group=root
            mode=0644
+  when: iiab_wireless_lan_iface is defined
+
+- name: Create a config template for hostapd
+  template: src=hostapd/iiab-hostapd.conf.j2
+            dest=/etc/hostapd/hostapd.conf.template
+            owner=root
+            group=root
+            mode=0644
  when: discovered_wireless_iface is defined

 - name: Disable the Access Point 'hostapd' service
  service: enabled=no
           name=hostapd.service
-  when: not iiab_wireless_lan_iface is defined or iiab_network_mode == "Appliance" or not hostapd_enabled
+  when: not hostapd_enabled

 - name: Use custom systemd unit file to start 'hostapd' service
  template: src=hostapd/hostapd.service.j2
@ -17,6 +25,21 @@
            owner=root
            group=root
            mode=0644
+  when: hostapd_enabled
+
+- name: Use custom iiab-hotspot-on
+  template: src=network/iiab-hotspot-on
+            dest=/usr/bin/iiab-hotspot-on
+            owner=root
+            group=root
+            mode=0755
+
+- name: Use custom iiab-hotspot-off
+  template: src=network/iiab-hotspot-off
+            dest=/usr/bin/iiab-hotspot-off
+            owner=root
+            group=root
+            mode=0755

 - name: Enable the Access Point 'hostapd' service
  service: enabled=yes
--- a/roles/network/tasks/main.yml
+++ b/roles/network/tasks/main.yml
@ -8,12 +8,31 @@
    - network
    - network-discover

+- name: RPi hack for AP post install via wifi so the services are right
+  set_fact:
+      iiab_lan_iface: br0
+      iiab_wan_iface: "{{ discovered_wired_iface }}"
+      iiab_wireless_lan_iface: "{{ discovered_wireless_iface }}"
+      iiab_wired_lan_iface: ""
+  when: is_rpi and discovered_wireless_iface is defined and discovered_wireless_iface == iiab_wan_iface
+
 - include_tasks: computed_network.yml
  when: not installing
  tags:
    - network
    - network-discover

+- include_tasks: hostapd.yml
+  tags:
+    - network
+    - AP
+
+- name: RPi hack for AP post install via wifi don't blow away current network
+  set_fact:
+      no_net_restart: True
+      hostapd_enabled: False
+  when: is_rpi and discovered_wireless_iface is defined and discovered_wired_iface != iiab_wan_iface
+
 ##### Start static ip address info for first run #####
 #- include_tasks: static.yml
 #  when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"'
@ -25,16 +44,28 @@
    - hostname
    - domain

+- name: Configuring wondershaper
+  include_tasks: wondershaper.yml
+  when: wondershaper_install
+  tags: wondershaper, network
+
+- name: (Re)Installing named
+  include_tasks: named.yml
+  when: FQDN_changed and iiab_stage|int == 9
+
+- name: (Re)Installing dhcpd
+  include_tasks: dhcpd.yml
+  when: FQDN_changed and iiab_stage|int == 9
+
+- name: (Re)Installing Squid
+  include_tasks: squid.yml
+  when: FQDN_changed and squid_install and iiab_stage|int == 9
+
 #### start services
 - include_tasks: avahi.yml
  tags:
    - network

- include_tasks: hostapd.yml
-  tags:
-    - network
-    - AP
-
 - include_tasks: computed_services.yml
  tags:
    - network
@ -42,7 +73,7 @@
    - dhcpd
    - dnsmasq
    - squid
- 
+
 - include_tasks: enable_services.yml
  tags:
    - network
@ -97,3 +128,4 @@
    - dhcpd
    - dnsmasq
    - squid
+    - AP
--- a/roles/network/templates/hostapd/iiab-hostapd.conf.j2
+++ b/roles/network/templates/hostapd/iiab-hostapd.conf.j2
@ -0,0 +1,32 @@
+# Basic configuration
+
+interface={{ discovered_wireless_iface }}
+
+ssid={{ host_ssid }}
+channel={{ host_channel }}
+{%if iiab_lan_iface  == "br0" %}
+bridge=br0
+{% endif %}
+
+# Hardware configuration
+driver={{ driver_name }}
+{%if host_wireless_n %}
+ieee80211n=1
+{% endif %}
+country_code={{ host_country_code }}
+# limit emissions to what is legal in country
+ieee80211d=1
+hw_mode={{ host_wifi_mode }}
+
+{%if hostapd_secure %}
+# Use WPA authentication
+auth_algs=1
+# Use WPA2
+wpa=2
+# Use a pre-shared key
+wpa_key_mgmt=WPA-PSK
+# The network passphrase
+wpa_passphrase={{ hostapd_password }}
+# Use AES, instead of TKIP
+rsn_pairwise=CCMP
+{% endif %}
--- a/roles/network/templates/network/dnsmasq.conf.j2
+++ b/roles/network/templates/network/dnsmasq.conf.j2
@ -0,0 +1,20 @@
+# Never forward addresses in the non-routed address spaces.
+bogus-priv
+#　Add other name servers here, with domain specs if they are for　non-public domains.
+#server=/{{ iiab_domain }}/{{ iiab_hostname }}
+# Add local-only domains here, queries in these domains are answered　from /etc/hosts or DHCP only.
+local=/{{ iiab_domain }}/
+# Make all host names resolve to the Raspberry Pi's IP address
+address=/#/{{ lan_ip }}
+# Specify the interface that will listen for DHCP and DNS requests
+interface={{ iiab_lan_iface }}
+# Set the domain for dnsmasq
+domain={{ iiab_domain }}
+# Specify the range of IP addresses the DHCP server will lease out to devices, and the duration of the lease
+dhcp-range=172.18.100.1,172.18.126.254,1h
+# Specify the default route
+dhcp-option=3,{{ lan_ip }}
+# Specify the DNS server address
+dhcp-option=6,{{ lan_ip }}
+# Set the DHCP server to authoritative mode.
+dhcp-authoritative
--- a/roles/network/templates/network/iiab-hotspot-off
+++ b/roles/network/templates/network/iiab-hotspot-off
@ -0,0 +1,7 @@
+#!/bin/bash
+sed -i -e "s/^denyinterfaces*/#denyinterfaces/" /etc/dhcpcd.conf
+systemctl disable hostapd
+systemctl stop hostapd
+systemctl daemon-reload
+systemctl restart dhcpcd
+systemctl restart networking
--- a/roles/network/templates/network/iiab-hotspot-on
+++ b/roles/network/templates/network/iiab-hotspot-on
@ -0,0 +1,7 @@
+#!/bin/bash
+sed -i -e "s/#denyinterfaces*/denyinterfaces/" /etc/dhcpcd.conf
+systemctl enable hostapd
+systemctl daemon-reload
+systemctl restart dhcpcd
+systemctl restart networking
+systemctl start hostapd
--- a/roles/network/templates/network/rpi.j2
+++ b/roles/network/templates/network/rpi.j2
@ -5,8 +5,9 @@
 #################   LANCONTROLLER   ###################
 auto br0
 iface br0 inet manual
-    bridge_ports {% if iiab_wireless_lan_iface is defined %}{{ iiab_wireless_lan_iface }}{% endif %} {% if iiab_wired_lan_iface is defined %} {{ iiab_wired_lan_iface }}{% endif %}
-
+{% if iiab_wired_lan_iface is defined %}
+    bridge_ports {{ iiab_wired_lan_iface }}
+{% endif %}
    bridge_maxwait 0
    dns-nameservers 127.0.0.1
    dns-search {{ iiab_domain }}