diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0f543665a..e81236bbe 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,7 +2,9 @@ Contributing to Internet-in-a-Box (IIAB) ======================================= Internet-in-a-Box runs on various GNU/Linux operating systems such as Fedora, Ubuntu, Debian, CentOS and Raspbian. -You can install Internet-in-a-Box on most late model desktop and laptop computers. It also supports Intel NUC, Intel Gigabyte BRIX, OLPC XO-1.5, XO-1.75, XO-4, Raspberry Pi 2 and Raspberry Pi 3. A VirtualBox VM can also used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system. +You can install Internet-in-a-Box on x86_64 PCs/laptops and Raspberry Pi 3 (or 3 B+). Example PC's include Intel NUC and Gigabyte BRIX. Partial support is also available on OLPC laptops like the XO-1.5, XO-1.75 and XO-4. A VirtualBox VM can also be used for testing purposes. Using Docker containers however is not recommended as our Ansible provisioning system requires low-level access to the operating system. + +Finally, running Internet-in-a-Box on the Raspberry Pi Zero W is also possible, if you transfer a working IIAB (microSD card) that was built up inside a Raspberry Pi 3 (or 3 B+). Please refer to [IIAB Platforms](https://github.com/iiab/iiab/wiki/IIAB-Platforms) for more information. @@ -11,12 +13,12 @@ Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automa ├── roles │ ├── 1-prep │ │ ├─ defaults -| | | ├──main.yml (lowest precedence variable definitions, overridden by /vars/default_vars.yml, overridden by ./vars/local_vars.yml. +| | | ├──main.yml (lowest precedence variable definitions, overridden by /vars/default_vars.yml, overridden by /etc/iiab/local_vars.yml) │ │ ├── README.rst │ │ ├── tasks | | | ├──main.yml (specifies the actions to install this role │ │ └── templates -| | | ├<(text files where ansible variables are substituted, specified via {% %} containers-(jinja2 language). +| | | ├── %} containers-(jinja2 language)> │ ├── 2-common │ │ ├── README.rst │ │ ├── tasks @@ -24,11 +26,11 @@ Internet-in-a-Box uses [Ansible](https://www.ansible.com/) infrastructure automa ``` At runtime, Ansible gathers system information and makes it available (called 'facts') and combines this with playbook defined 'variables' to guide the installation process. The execution follows a sequence of cascading steps: -1. Bash script `./runansible` follows instructions in `iiab.yml` in the root directory. +1. Bash script `./iiab-install` follows instructions in `iiab-stages.yml` in the root directory. -2. `iiab.yml` calls 9 aggregate roles (the numbered directories under `./roles/`). +2. `iiab-stages.yml` calls 9 aggregate roles (AKA stages, these are the numbered directories under `./roles/`) and then the network role. (Aside: the network role can also later be run using `./iiab-network`) -3. Each aggregate role has a `/meta/main.yml` which calls the individual named roles. +3. Each aggregate role AKA stage has a `/meta/main.yml` which calls its needed roles. Please refer to the [IIAB Architecture](https://github.com/iiab/iiab/wiki/IIAB-Architecture) and [IIAB Variables]( https://github.com/iiab/iiab/wiki/IIAB-Variables) pages for more information. diff --git a/iiab-base.yml b/iiab-base.yml index adf698fb9..de2238008 100644 --- a/iiab-base.yml +++ b/iiab-base.yml @@ -5,7 +5,7 @@ vars_files: - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml roles: - { role: 0-init, tags: ['0-init'] } diff --git a/iiab-from-console.yml b/iiab-from-console.yml index 97e8de990..c6275a641 100644 --- a/iiab-from-console.yml +++ b/iiab-from-console.yml @@ -5,7 +5,7 @@ vars_files: - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml - /etc/iiab/config_vars.yml roles: diff --git a/iiab-install b/iiab-install index 7cae43b7b..1a058495e 100755 --- a/iiab-install +++ b/iiab-install @@ -14,6 +14,8 @@ MIN_ANSIBLE_VER=2.5.6 export ANSIBLE_LOG_PATH="$CWD/iiab-install.log" +echo -e "\n\n./iiab-install BEGUN IN /opt/iiab/iiab\n" + if [ ! -f /etc/ansible/facts.d/local_facts.fact ]; then mkdir -p /etc/ansible/facts.d fi @@ -30,7 +32,7 @@ if [ "$1" != "--debug" ] && [ "$1" != "--reinstall" ] && [ "$1" != "" ]; then echo "Use './iiab-install' for regular installs, or to continue an install." echo "Use './iiab-install --reinstall' to force running all Stages 0-9." echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9." - echo "Use './runtags' to run a single Stage or Tag or Role." + echo "Use './runrole' to run a single Stage or Role." echo "Use './iiab-network' to run Network sections." exit 1 fi @@ -109,25 +111,25 @@ if [ -f /etc/iiab/iiab.env ]; then echo -e "\nEXITING: STAGE (counter) in /etc/iiab/iiab.env shows Stage 9 Is Already Done." echo "Use './iiab-install --reinstall' to force running all Stages 0-9." echo "Use './iiab-install --debug' to run Stage 0, followed by Stages 3-9." - echo "Use './runtags' to run a single Stage or Tag or Role." - echo "Use './iiab-network' to run Network sections." - exit 1 + echo "Use './runrole' to run a single Stage or Role." + echo -e "Use './iiab-network' to run Network sections.\n\n" + exit 0 # allows rerunning http://download.iiab.io/6.6/install.txt fi fi if [ "$STAGE" -lt 2 ] && [ "$1" == "--debug" ]; then echo -e "\n'--debug' *ignored* as STAGE (counter) < 2." fi -# If vars/local_vars.yml is missing, put a default file in place. -if [ ! -f ./vars/local_vars.yml ]; then +# If /etc/iiab/local_vars.yml is missing, put a default file in place. +if [ ! -f /etc/iiab/local_vars.yml ]; then case $OS in OLPC | fedora) - cp ./vars/local_vars_olpc.yml ./vars/local_vars.yml - echo -e "\nvars/local_vars.yml created from local_vars_olpc.yml defaults." + cp ./vars/local_vars_olpc.yml /etc/iiab/local_vars.yml + echo -e "\n/etc/iiab/local_vars.yml created from /opt/iiab/iiab/vars/local_vars_olpc.yml defaults." ;; centos | debian | ubuntu | raspbian) - cp ./vars/local_vars_medium.yml ./vars/local_vars.yml - echo -e "\nvars/local_vars.yml created from local_vars_medium.yml defaults." + cp ./vars/local_vars_medium.yml /etc/iiab/local_vars.yml + echo -e "\n/etc/iiab/local_vars.yml created from /opt/iiab/iiab/vars/local_vars_medium.yml defaults." echo "See MIN/MEDIUM/BIG options @ http://wiki.iiab.io/local_vars.yml" ;; *) @@ -142,3 +144,5 @@ echo -e "\nRunning local playbooks....Stage 0 will now run....followed by Stages ansible -m setup -i $INVENTORY localhost --connection=local >> /dev/null ansible-playbook -i $INVENTORY $PLAYBOOK ${ARGS} --connection=local + +echo -e "\n./iiab-install COMPLETED IN /opt/iiab/iiab\n\n" diff --git a/iiab-network.yml b/iiab-network.yml index 989108cb3..721bedac9 100644 --- a/iiab-network.yml +++ b/iiab-network.yml @@ -5,7 +5,7 @@ vars_files: - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml - /etc/iiab/config_vars.yml roles: diff --git a/iiab-stages.yml b/iiab-stages.yml index 0f0d0ae56..35db6f84f 100644 --- a/iiab-stages.yml +++ b/iiab-stages.yml @@ -6,7 +6,7 @@ - roles/0-init/defaults/main.yml - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml tasks: diff --git a/iiab.yml b/iiab.yml.deprecated similarity index 96% rename from iiab.yml rename to iiab.yml.deprecated index 721203544..d387a1d7c 100644 --- a/iiab.yml +++ b/iiab.yml.deprecated @@ -5,7 +5,7 @@ vars_files: - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml - /etc/iiab/config_vars.yml roles: diff --git a/install-support b/install-support index 79439f2f7..b5ae9a12e 100755 --- a/install-support +++ b/install-support @@ -14,7 +14,7 @@ then exit 1 fi -sed -i -e "s/openvpn_install: False/openvpn_install: True/" vars/local_vars.yml -sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" vars/local_vars.yml +sed -i -e "s/openvpn_install: False/openvpn_install: True/" /etc/iiab/local_vars.yml +sed -i -e "s/openvpn_enabled: False/openvpn_enabled: True/" /etc/iiab/local_vars.yml ansible-playbook -i $INVENTORY $PLAYBOOK --connection=local diff --git a/roles/4-server-options/README.rst b/roles/4-server-options/README.rst index ca4afb22a..61d79f77e 100644 --- a/roles/4-server-options/README.rst +++ b/roles/4-server-options/README.rst @@ -2,7 +2,7 @@ 4-server-options README ======================= -Whereas 3-base-server installs critical packages needed by all, this 4th stage installs a broad array of *options* -- depending on which server apps will be installed in later stages -- as specified in /opt/iiab/iiab/vars/local_vars.yml +Whereas 3-base-server installs critical packages needed by all, this 4th stage installs a broad array of *options* -- depending on which server apps will be installed in later stages -- as specified in /etc/iiab/local_vars.yml This includes some networking fundamentals, before they're configured later on. diff --git a/roles/calibre/defaults/main.yml b/roles/calibre/defaults/main.yml index 4cbfc1caa..a89171f8b 100644 --- a/roles/calibre/defaults/main.yml +++ b/roles/calibre/defaults/main.yml @@ -21,5 +21,5 @@ calibre_src_url: "https://raw.githubusercontent.com/kovidgoyal/calibre/master/se # USE TO TEST debs.yml (RASPBIAN APPROACH!) ON DEBIAN 9.X: (now handled by calibre_via_debs in /opt/iiab/iiab/vars/*) #calibre_debs_on_debian: True -# Enable unstable .deb's, not just testing .deb's: (moved to vars/local_vars.yml & vars/default_vars.yml) +# Enable unstable .deb's, not just testing .deb's: (moved to /etc/iiab/local_vars.yml & /opt/iiab/iiab/vars/default_vars.yml) #calibre_unstable_debs: False diff --git a/roles/calibre/templates/calibre.conf b/roles/calibre/templates/calibre.conf index 7318a51fb..5f5317268 100644 --- a/roles/calibre/templates/calibre.conf +++ b/roles/calibre/templates/calibre.conf @@ -1,4 +1,4 @@ -# http://box/XYZ mnemonic if properly set within /opt/iiab/iiab/vars/local_vars.yml +# http://box/XYZ mnemonic if properly set within /etc/iiab/local_vars.yml ProxyPass /{{ calibre_web_path }} http://localhost:{{ calibre_port }} ProxyPassReverse /{{ calibre_web_path }} http://localhost:{{ calibre_port }} diff --git a/roles/kalite/defaults/main.yml b/roles/kalite/defaults/main.yml index e2c992e1e..3d4683c0f 100644 --- a/roles/kalite/defaults/main.yml +++ b/roles/kalite/defaults/main.yml @@ -1,5 +1,5 @@ # The values here are defaults. -# To override them edit the main var definitions in /opt/iiab/iiab/vars/local_vars.yml +# To override them edit /etc/iiab/local_vars.yml kalite_install: True kalite_enabled: False diff --git a/roles/kolibri/defaults/main.yml b/roles/kolibri/defaults/main.yml index 1d9f660bf..990ac7b5e 100644 --- a/roles/kolibri/defaults/main.yml +++ b/roles/kolibri/defaults/main.yml @@ -1,5 +1,5 @@ # The values here are defaults. -# To override them edit /opt/iiab/iiab/vars/local_vars.yml +# To override them edit /etc/iiab/local_vars.yml # Installation Variables kolibri_install: False diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 61f622f03..9adbf7ad8 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -44,7 +44,7 @@ hostapd_wait: 1 host_wifi_mode: g host_channel: 6 host_wireless_n: False -# Below moved to /opt/iiab/iiab/vars/local_vars.yml: (so implementer sets this) +# Below moved to /etc/iiab/local_vars.yml: (so implementer sets this) #host_country_code: US hostapd_secure: True hostapd_password: "iiab2017" diff --git a/roles/network/tasks/named.yml b/roles/network/tasks/named.yml index bfeaa7c16..90dd17706 100644 --- a/roles/network/tasks/named.yml +++ b/roles/network/tasks/named.yml @@ -1,6 +1,7 @@ - name: Install named packages (debuntu) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - bind9 - bind9utils @@ -9,8 +10,9 @@ - download - name: Install named packages (OS's that are not debuntu) - package: name={{ item }} - state=present + package: + name: "{{ item }}" + state: present with_items: - bind - bind-utils @@ -20,76 +22,87 @@ # or we have to change the serial number in the config files. - name: Stop named before copying files - service: name={{ dns_service }} state=stopped + service: + name: "{{ dns_service }}" + state: stopped when: first_run and is_debuntu - name: Set folder permission - file: path={{ item }} - owner={{ dns_user }} - group=root - mode=0755 - state=directory + file: + path: "{{ item }}" + owner: "{{ dns_user }}" + group: root + mode: 0755 + state: directory with_items: - /var/named-iiab - /var/named-iiab/data - /etc/sysconfig/olpc-scripts/domain_config.d - name: Configure named - template: src={{ item.src }} - dest={{ item.dest }} - owner={{ item.owner }} - group=root - mode={{ item.mode }} + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + owner: "{{ item.owner }}" + group: root + mode: "{{ item.mode }}" with_items: - - { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root" , mode: '0644' } - - { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root" , mode: '0644' } - - { src: 'roles/network/templates/named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root" , mode: '0644' } - - { src: 'roles/network/templates/named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone',owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'roles/network/templates/named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}" , mode: '0644' } - - { src: 'roles/network/templates/named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.local', dest: '/var/named-iiab/named.local' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.root', dest: '/var/named-iiab/named.root' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.root.hints', dest: '/var/named-iiab/named.root.hints' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.zero', dest: '/var/named-iiab/named.zero' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/named-iiab.conf.j2', dest: '/etc/named-iiab.conf', owner: "root", mode: '0644' } + - { src: 'roles/network/templates/named/named.j2', dest: '/etc/sysconfig/named', owner: "root", mode: '0644' } + - { src: 'roles/network/templates/named/named', dest: '/etc/sysconfig/olpc-scripts/domain_config.d/named', owner: "root", mode: '0644' } + - { src: 'roles/network/templates/named/localdomain.zone', dest: '/var/named-iiab/localdomain.zone', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/localhost.zone', dest: '/var/named-iiab/localhost.zone', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.broadcast', dest: '/var/named-iiab/named.broadcast', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.ip6.local', dest: '/var/named-iiab/named.ip6.local', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.local', dest: '/var/named-iiab/named.local', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.rfc1912.zones', dest: '/var/named-iiab/named.rfc1912.zones', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.root', dest: '/var/named-iiab/named.root', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.root.hints', dest: '/var/named-iiab/named.root.hints', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.zero', dest: '/var/named-iiab/named.zero', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/school.external.zone.db', dest: '/var/named-iiab/school.external.zone.db', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/school.internal.zone.16.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.16.in-addr.db', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/school.internal.zone.32.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.32.in-addr.db', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/school.internal.zone.48.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.48.in-addr.db', owner: "{{ dns_user }}", mode: '0644' } # the following two files are not writeable by named, but bind 9.4 cannot discover that fact correctly - - { src: 'roles/network/templates/named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db' , owner: "root" , mode: '0644'} - - { src: 'roles/network/templates/named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db' , owner: "root" , mode: '0644'} - - { src: 'roles/network/templates/named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/dummy', dest: '/var/named-iiab/data/dummy' , owner: "{{ dns_user }}" , mode: '0644'} - - { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole' , owner: "{{ dns_user }}" , mode: '0644'} + - { src: 'roles/network/templates/named/school.internal.zone.db', dest: '/var/named-iiab/school.internal.zone.db', owner: "root", mode: '0644' } + - { src: 'roles/network/templates/named/school.local.zone.db', dest: '/var/named-iiab/school.local.zone.db', owner: "root", mode: '0644' } + - { src: 'roles/network/templates/named/school.internal.zone.in-addr.db.j2', dest: '/var/named-iiab/school.internal.zone.in-addr.db', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/dummy', dest: '/var/named-iiab/data/dummy', owner: "{{ dns_user }}", mode: '0644' } + - { src: 'roles/network/templates/named/named.blackhole', dest: '/var/named-iiab/named.blackhole', owner: "{{ dns_user }}", mode: '0644' } - name: Substitute our unit file which uses $OPTIONS from sysconfig - template: src=roles/network/templates/named/{{ dns_service }}.service - dest=/etc/systemd/system/{{ dns_service }}.service - mode=0644 + template: + src: "roles/network/templates/named/{{ dns_service }}.service" + dest: "/etc/systemd/system/{{ dns_service }}.service" + mode: 0644 -- name: The dns-jail redirect requires the named.blackhole,disabling recursion +- name: The dns-jail redirect requires the named.blackhole, disabling recursion # in named-iiab.conf, and the redirection of 404 error documents to / - template: src=roles/network/templates/named/dns-jail.conf dest=/etc/{{ apache_config_dir }}/ + template: + src: roles/network/templates/named/dns-jail.conf + dest: "/etc/{{ apache_config_dir }}/" when: dns_jail_enabled -- name: Separate enabling required for debuntu - file: src=/etc/{{ apache_config_dir }}/dns-jail.conf - path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf - state=link +- name: Separate enabling required (debuntu) + file: + src: "/etc/{{ apache_config_dir }}/dns-jail.conf" + path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf" + state: link when: is_debuntu and dns_jail_enabled -- name: Separate enabling/disabling required (debuntu) - file: src=/etc/{{ apache_config_dir }}/dns-jail.conf - path=/etc/{{ apache_service }}/sites-enabled/dns-jail.conf - state=absent +- name: Separate disabling required (debuntu) + file: + path: "/etc/{{ apache_service }}/sites-enabled/dns-jail.conf" + state: absent when: is_debuntu and not dns_jail_enabled - name: Separate enabling/disabling required (OS's that are not debuntu) - file: path=/etc/{{ apache_config_dir }}/dns-jail.conf - state=absent + file: + path: "/etc/{{ apache_config_dir }}/dns-jail.conf" + state: absent when: not is_debuntu and not dns_jail_enabled - name: Start named after copying files - service: name={{ dns_service }} state=started + service: + name: "{{ dns_service }}" + state: started diff --git a/roles/rachel/README.rst b/roles/rachel/README.rst index ac07828cb..31aa1453d 100644 --- a/roles/rachel/README.rst +++ b/roles/rachel/README.rst @@ -13,7 +13,7 @@ Do the following: * cd /library/rachel * mv /library/rachelusb_32EN_3.1.4/RACHEL/bin . * you should see /library/rachel/bin/www/index.php -* re-run ansible (making sure that rachel_enabled: True has been set in vars/local_vars.yml +* re-run ansible (making sure that rachel_enabled: True has been set in /etc/iiab/local_vars.yml Locations --------- diff --git a/run-one-role.yml b/run-one-role.yml index e1ae27c2f..abd41ff1d 100644 --- a/run-one-role.yml +++ b/run-one-role.yml @@ -5,7 +5,7 @@ vars_files: - vars/default_vars.yml - vars/{{ ansible_local.local_facts.os_ver }}.yml - - vars/local_vars.yml + - /etc/iiab/local_vars.yml - /etc/iiab/config_vars.yml roles: diff --git a/scripts/ansible b/scripts/ansible index 666485305..91f74eeb7 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -21,7 +21,7 @@ CURR_VER="undefined" export DEBIAN_FRONTEND=noninteractive if [ ! `command -v ansible-playbook` ]; then # "command -v" is POSIX compliant; also catches built-in commands like "cd" - echo "Installing --- Please Wait" + echo "scripts/ansible will now try to install Ansible --- Please Wait" if [ -f /etc/centos-release ]; then yum -y install ca-certificates nss epel-release yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python @@ -74,7 +74,7 @@ else #if [[ `grep -qi ansible /etc/apt/sources.list` ]] || [ -f /etc/apt/sources.list.d/ansible*.list ]; then elif (grep -qi ansible /etc/apt/sources.list) || (ls /etc/apt/sources.list.d/*ansible*.list >/dev/null 2>&1) ; then #echo "Ansible repo(s) found within /etc/apt/sources.list*" - echo -e 'MANUAL INTERVENTION URGED:\nANSIBLE REPO(S) FOUND WITHIN /etc/apt/sources.list AND/OR /etc/apt/sources.list.d/*ansible*.list -- MUST CONTAIN LINE "deb http://ppa.launchpad.net/ansible/ansible/ubuntu xenial main" IF YOU WANT THE LATEST ANSIBLE -- AND REMOVE ALL SIMILAR LINES TO ENSURE ANSIBLE UPDATES CLEANLY -- then re-run this script.\n' + echo -e 'CONSIDER MANUAL INTERVENTION:\nANSIBLE REPO(S) FOUND WITHIN /etc/apt/sources.list AND/OR /etc/apt/sources.list.d/*ansible*.list -- MUST CONTAIN LINE "deb http://ppa.launchpad.net/ansible/ansible/ubuntu xenial main" IF YOU WANT THE LATEST ANSIBLE -- AND REMOVE ALL SIMILAR LINES TO ENSURE ANSIBLE UPDATES CLEANLY -- then re-run this script.\n' else echo -e 'Upstream ansible source repo not found:\nPLEASE UNINSTALL ANSIBLE (run "apt purge ansible" or "pip uninstall ansible", depending how Ansible was originally installed) THEN RE-RUN THIS SCRIPT.' exit 1 diff --git a/scripts/ansible-2.6.x b/scripts/ansible-2.6.x index f8cf8b077..b051ff203 100755 --- a/scripts/ansible-2.6.x +++ b/scripts/ansible-2.6.x @@ -21,7 +21,7 @@ CURR_VER="undefined" export DEBIAN_FRONTEND=noninteractive if [ ! `command -v ansible-playbook` ]; then # "command -v" is POSIX compliant; also catches built-in commands like "cd" - echo "Installing --- Please Wait" + echo "scripts/ansible-2.6.x will now try to install Ansible --- Please Wait" if [ -f /etc/centos-release ]; then yum -y install ca-certificates nss epel-release yum -y install git bzip2 file findutils gzip hg svn sudo tar which unzip xz zip libselinux-python @@ -74,7 +74,7 @@ else #if [[ `grep -qi ansible /etc/apt/sources.list` ]] || [ -f /etc/apt/sources.list.d/ansible*.list ]; then elif (grep -qi ansible /etc/apt/sources.list) || (ls /etc/apt/sources.list.d/*ansible*.list >/dev/null 2>&1) ; then #echo "Ansible repo(s) found within /etc/apt/sources.list*" - echo -e 'MANUAL INTERVENTION URGED:\nANSIBLE REPO(S) FOUND WITHIN /etc/apt/sources.list AND/OR /etc/apt/sources.list.d/*ansible*.list -- MUST CONTAIN LINE "deb http://ppa.launchpad.net/ansible/ansible-2.6/ubuntu xenial main" IF YOU WANT THE LATEST ANSIBLE 2.6.x -- AND REMOVE ALL SIMILAR LINES TO ENSURE ANSIBLE UPDATES CLEANLY -- then re-run this script.\n' + echo -e 'CONSIDER MANUAL INTERVENTION:\nANSIBLE REPO(S) FOUND WITHIN /etc/apt/sources.list AND/OR /etc/apt/sources.list.d/*ansible*.list -- MUST CONTAIN LINE "deb http://ppa.launchpad.net/ansible/ansible-2.6/ubuntu xenial main" IF YOU WANT THE LATEST ANSIBLE 2.6.x -- AND REMOVE ALL SIMILAR LINES TO ENSURE ANSIBLE UPDATES CLEANLY -- then re-run this script.\n' else echo -e 'Upstream ansible source repo not found:\nPLEASE UNINSTALL ANSIBLE (run "apt purge ansible" or "pip uninstall ansible", depending how Ansible was originally installed) THEN RE-RUN THIS SCRIPT.' exit 1 diff --git a/vars/default_vars.yml b/vars/default_vars.yml index ce69cc687..015e9ce46 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -1,7 +1,7 @@ # WARNING: DO NOT MODIFY THIS FILE. # CHANGES WILL BE LOST IF YOU DO A GIT PULL OR FETCH. -# Instead put changes in local_vars.yml which is not tracked by git: -# http://wiki.iiab.io/local_vars.yml +# Instead put changes in your own /etc/iiab/local_vars.yml +# See http://wiki.iiab.io/local_vars.yml to learn more! # By convention we use True/False to indicate boolean constants. @@ -22,6 +22,7 @@ download_timeout: 200 # Configuration File(s) iiab_config_file: /etc/iiab/iiab.ini +iiab_local_vars_file: /etc/iiab/local_vars.yml service_filelist: "{{ iiab_config_file }}" # The following variable may be useful in debugging @@ -64,7 +65,7 @@ lan_netmask: 255.255.224.0 # Internal Wi-Fi Access Point # Values are used if there is an internal Wi-Fi adapter and hostapd is enabled # The platform variable adapts install to specific hardware (raspberry pi=rpi2) -# Raspbian req WiFi country since March 2018. CHANGE IT IN vars/local_vars.yml +# Raspbian req WiFi country since March 2018. CHANGE IT IN /etc/iiab/local_vars.yml host_country_code: US host_ssid: "Internet in a Box" host_wifi_mode: g @@ -109,6 +110,7 @@ block_DNS: False dnsmasq_install: True dnsmasq_enabled: False +# Enable in local_vars.yml AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # For @tim-moody's Nodogsplash approach to Captive Portal? High experimental as of June 2018: github.com/iiab/iiab/issues/608 @@ -193,15 +195,15 @@ openvpn_enabled: False # roles/network runs here (MANY SETTINGS ABOVE) # Homepage -# Default to the GUI where the selection is made or override in local_vars.yml iiab_home_url: /home -# You can change iiab_home_url in local_vars.yml in order to get a different -# homepage. For example one of the following: (assuming they are enabled) +# You can change iiab_home_url in /etc/iiab/local_vars.yml to get a different +# homepage. For example one of the following: (if its service is enabled!) # iiab_home_url: /home # iiab_home_url: /wordpress -# iiab_home_url: /wiki - either dokuwiki or mediawiki +# iiab_home_url: /wiki # for dokuwiki +# iiab_home_url: /mediawiki # PostgreSQL auto-installed by Moodle &/or Pathagar as nec, no need to touch! # roles/1-prep/tasks/computed_vars.yml, roles/4-server-options/tasks/main.yml @@ -413,9 +415,10 @@ xovis_chart_heading: "My School: Usage Data Visualization" # wide to narrow is_debuntu: False is_ubuntu: False -is_ubuntu_16: False is_ubuntu_18: False +is_ubuntu_16: False is_debian: False +is_debian_10: False is_debian_9: False is_debian_8: False is_rpi: False diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml index 66f5bd196..56a81d9e8 100644 --- a/vars/local_vars_big.yml +++ b/vars/local_vars_big.yml @@ -1,4 +1,4 @@ -# This is local_vars_big.yml -- copy it to local_vars.yml then... +# This is local_vars_big.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 diff --git a/vars/local_vars_big_vpn.yml b/vars/local_vars_big_vpn.yml index 054c428df..6911b7c38 100644 --- a/vars/local_vars_big_vpn.yml +++ b/vars/local_vars_big_vpn.yml @@ -1,4 +1,4 @@ -# This is local_vars_big_vpn.yml -- copy it to local_vars.yml then... +# This is local_vars_big_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index f45033497..b6be18fed 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -1,4 +1,4 @@ -# This is local_vars_medium.yml -- copy it to local_vars.yml then... +# This is local_vars_medium.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 diff --git a/vars/local_vars_medium_vpn.yml b/vars/local_vars_medium_vpn.yml index 0750d4a2c..11d2af017 100644 --- a/vars/local_vars_medium_vpn.yml +++ b/vars/local_vars_medium_vpn.yml @@ -1,4 +1,4 @@ -# This is local_vars_medium_vpn.yml -- copy it to local_vars.yml then... +# This is local_vars_medium_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml index 6ca4dcb05..c8ce902db 100644 --- a/vars/local_vars_min.yml +++ b/vars/local_vars_min.yml @@ -1,4 +1,4 @@ -# This is local_vars_min.yml -- copy it to local_vars.yml then... +# This is local_vars_min.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870 diff --git a/vars/local_vars_min_vpn.yml b/vars/local_vars_min_vpn.yml index ec7aeb7bf..31725c58f 100644 --- a/vars/local_vars_min_vpn.yml +++ b/vars/local_vars_min_vpn.yml @@ -1,4 +1,4 @@ -# This is local_vars_min_vpn.yml -- copy it to local_vars.yml then... +# This is local_vars_min_vpn.yml -- copy it to /etc/iiab/local_vars.yml then... # Put variables herein to override /opt/iiab/iiab/vars/default_vars.yml @@ -51,6 +51,7 @@ iiab_gateway_enabled: False dnsmasq_install: True dnsmasq_enabled: False +# Enable AFTER installing IIAB! Then run "cd /opt/iiab/iiab; ./iiab-network" dns_jail_enabled: False # Simple python Captive Portal, that @m-anish & @jvonau are experimenting with in July 2018: github.com/iiab/iiab/pull/870