backport of 46c36b3e3542ffe5609ab5cc10a60de7335d6cd9 double check after rebase

backport of c837cde92304cfaf4a44c31dfb40bbadfd05fe04

backport of a0102669d2d842163d17d61e254dbd0ba8a3ea92

touch up

backport of a55c0555b6fb92a6b6b239a9dce2fde2100e7ae5

roles/1-prep/tasks/computed_vars.yml

@@ -47,14 +47,51 @@
   file: path=/tmp/heart-beat.txt
         state=absent
 
-- name: no prior domain name
+- name: set FQDN
   set_fact:
-    iiab_domain: "{{ iiab_domain }}"
+    iiab_fqdn: "{{ iiab_hostname }}.{{ iiab_domain }}"
-    iiab_hostname: "{{ iiab_hostname }}"
+    FQDN_changed: False
+
+- name: FQDN changed
+  set_fact:
+    FQDN_changed: True
+  when: iiab_fqdn != ansible_fqdn
 
 # Now check FQDN
 - include: roles/2-common/tasks/hostname.yml
-  when: not first_run and "iiab_hostname.iiab_domain" != ansible_fqdn
+  when: not first_run and FQDN_changed
+
+# Discover  do we have a gateway? -- if ansible detects gateway, becomes WAN candidate
+- name: Finding gateway
+  set_fact:
+    discovered_wan_iface: "{{ ansible_default_ipv4.alias }}"
+  when: 'ansible_default_ipv4.gateway is defined'
+
+- name: Verify gateway present
+  shell: ping -c4 "{{ ansible_default_ipv4.gateway }}" &> /dev/null ; echo $?
+  when: discovered_wan_iface != "none"
+  register: gw_active_test
+
+- name: Recording gateway response
+  set_fact:
+     gw_active: True
+  when: discovered_wan_iface != "none" and gw_active_test.stdout == "0"
+
+- name: Test for internet access
+  get_url: url="{{ iiab_download_url }}/heart-beat.txt" dest=/tmp/heart-beat.txt
+  ignore_errors: True
+#  async: 10
+#  poll: 2
+  register: internet_access_test
+
+- name: Set internet_available true if wget succeeded
+  set_fact:
+     internet_available: True
+  when: not internet_access_test|failed and not disregard_network
+
+- name: Cleanup internet test file
+  file: path=/tmp/heart-beat.txt
+        state=absent
 
 # Put all computed vars here so derive properly from any prior var file
 - name: If the TZ is not set in env, set it to UTC
@@ -190,3 +227,9 @@
       value:  '{{ gw_active }}'
     - option: 'internet_available'
       value:  '{{ internet_available }}'
+    - option: 'first_run'
+      value:  '{{ first_run }}'
+    - option: 'local_tz'
+      value:  '{{ local_tz }}'
+    - option: 'FQDN_changed'
+      value:  '{{ FQDN_changed }}'

roles/network/tasks/detected_network.yml

@@ -1,7 +1,7 @@
 - name: iiab_wan_device
-  shell: "cat /etc/sysconfig/iiab_wan_device"
+  shell: grep IIAB_WAN_DEVICE /etc/iiab/iiab.env | awk -F "=" '{print $2}'
-  register: prior_gw
   when: not first_run
+  register: prior_gw
 
 - name: Checking for old device gateway interface for device test
   set_fact:

roles/network/tasks/enable_services.yml

@@ -70,8 +70,10 @@
   when: not dansguardian_enabled and dansguardian_install
 
 - name: Create xs_httpcache flag
-  shell: echo 1 > /etc/sysconfig/xs_httpcache_on
+  lineinfile: dest=/etc/iiab/iiab.env
-         creates=/etc/sysconfig/xs_httpcache_on
+              regexp='^HTTPCACHE_ON=*'
+              line='HTTPCACHE_ON=True'
+              state=present
   when: squid_enabled and squid_install
 
 - name: Enable Squid service
@@ -105,8 +107,10 @@
   when: not squid_enabled and squid_install
 
 - name: Remove xs_httpcache flag
-  file: path=/etc/sysconfig/xs_httpcache_on
+  lineinfile: dest=/etc/iiab/iiab.env
-        state=absent
+              regexp='^HTTPCACHE_ON=*'
+              line='HTTPCACHE_ON=False'
+              state=present
   when: not squid_enabled
 
 - name: Enable Wondershaper service

roles/network/tasks/main.yml

@@ -81,17 +81,26 @@
     - network
   when: is_debuntu and is_rpi  and not installing
 
-- name: Create IIAB network flags
+- name: Record iiab_wan_device
-  template: src=network/{{ item }}.j2
+  lineinfile: dest=/etc/iiab/iiab.env
-            dest=/etc/sysconfig/{{ item }}
+              regexp='^IIAB_WAN_DEVICE=*'
-            mode=0644
+              line='IIAB_WAN_DEVICE="{{ iiab_wan_iface }}"'
-  with_items:
+              state=present
-    - iiab_wan_device
-    - iiab_lan_device
   when: not installing
   tags:
     - network
 
+- name: Record iiab_lan_device
+  lineinfile: dest=/etc/iiab/iiab.env
+              regexp='^IIAB_LAN_DEVICE=*'
+              line='IIAB_LAN_DEVICE="{{ iiab_lan_iface }}"'
+              state=present
+  when: not installing
+  tags:
+    - network
+
+#### end network layout
+#### start services
 - include_tasks: computed_services.yml
   tags:
     - network

roles/network/templates/gateway/iiab-gen-iptables

@@ -1,4 +1,5 @@
 #!/bin/bash -x
+source /etc/iiab/iiab.env
 {% if is_debuntu %}
 IPTABLES=/sbin/iptables
 IPTABLES_DATA=/etc/iptables.up.rules
@@ -6,8 +7,8 @@ IPTABLES_DATA=/etc/iptables.up.rules
 IPTABLES=/usr/sbin/iptables
 IPTABLES_DATA=/etc/sysconfig/iptables
 {% endif %}
-LANIF=`cat /etc/sysconfig/iiab_lan_device`
+LANIF=$IIAB_LAN_DEVICE
-WANIF=`cat /etc/sysconfig/iiab_wan_device`
+WANIF=$IIAB_WAN_DEVICE
 MODE=`grep iiab_network_mode_applied  /etc/iiab/iiab.ini | gawk '{print $3}'`
 
 clear_fw() {
@@ -33,7 +34,7 @@ $IPTABLES -A INPUT -p tcp --dport 5984 -j DROP
 $IPTABLES -A INPUT -p udp --dport 5984 -j DROP
 }
 
-if [  "x$WANIF" == "x" ] || [ "$MODE" == 'Appliance' ]; then
+if [  "x$WANIF" == "xnone" ] || [ "$MODE" == 'Appliance' ]; then
     clear_fw
     # save the rule set
 	{% if is_debuntu %}
@@ -119,7 +120,7 @@ if [ "$captive_portal_enabled" == "True" ];then
    $IPTABLES -t mangle -A internet -j MARK --set-mark 99
    $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }}
 
-elif [ -f /etc/sysconfig/xs_httpcache_on ]; then
+elif [ "$HTTPCACHE_ON" == "True" ]; then
     $IPTABLES  -t nat  -A PREROUTING -i $lan -p tcp --dport 80 ! -d 172.18.96.1 -j DNAT --to 172.18.96.1:3128
 fi