external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 11:42:08 +00:00
Code Issues Releases Wiki Activity
iiab/roles/remoteit/tasks/enable-or-disable.yml

83 lines
3.8 KiB
YAML
Raw Blame History

# Passwords and license keys in /etc/iiab/local_vars.yml are not a healthy
# precedent :/ (Going forward let's try to keep credentials in their own apps)
- name: Copy OPTIONAL remoteit_license_key, e.g. from /etc/iiab/local_vars.yml to /etc/remoteit/registration, if remoteit_license_key is defined
# shell: echo {{ remoteit_license_key }} > /etc/remoteit/registration
template:
src: registration.j2
dest: /etc/remoteit/registration
when: remoteit_license_key is defined
- name: Redact OPTIONAL remoteit_license_key from /etc/iiab/local_vars.yml, if remoteit_license_key is defined
# shell: sed -i '/^remoteit_license_key:/d' {{ iiab_local_vars_file }}
lineinfile:
path: "{{ iiab_local_vars_file }}"
regexp: '^remoteit_license_key:.*'
state: absent
when: remoteit_license_key is defined
- name: Does empty file /etc/remoteit/registration exist?
stat:
path: /etc/remoteit/registration
register: remoteit_reg
- name: Remove empty file /etc/remoteit/registration if remoteit_enabled, so claim code can be generated
file:
path: /etc/remoteit/registration
state: absent
when: remoteit_enabled and remoteit_reg.stat.exists and remoteit_reg.stat.size == 0
# 2022-10-09: refresh.sh is equivalent to their old connectd "parent" systemd
# service, that they removed from 4.15.2 device packages on 2022-09-07.
# (Either way, the job below never deletes /etc/remoteit/registration)
- name: 'Run /usr/share/remoteit/refresh.sh to put a claim code in /etc/remoteit/config.json (if you don''t already have a license key in /etc/remoteit/registration) -- FYI this should spawn 2 "child" services/daemons: schannel & e.g. remoteit@80:00:01:7F:7E:00:56:36.service'
command: /usr/share/remoteit/refresh.sh
when: remoteit_enabled
# - name: Enable & Restart remote.it "parent" service connectd, which exits after spawning 2 "child" services/daemons below
# systemd:
# name: connectd
# daemon_reload: yes
# enabled: yes
# state: restarted
# when: remoteit_enabled
# 2022-10-09: refresh.sh (above) now takes care of this too
# - name: Enable remote.it daemon schannel ("Remote tcp command service") -- try to avoid contention with connectd which auto-spawns it as nec (just above)
# systemd:
# name: schannel
# enabled: yes
# state: started
# when: remoteit_enabled
- name: Disable & Stop remote.it service schannel
systemd:
name: schannel
enabled: no
state: stopped
ignore_errors: yes # 2023-06-12: Let's make these rare-but-unavoidable errors RED very intentionally, as below. Thanks to @neomatrixcode for surfacing this GitHub Actions problem, likely arising from inbound ICMP being blocked during remote.it install and/or above refresh.sh setup: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#cloud-hosts-used-by-github-hosted-runners
when: not remoteit_enabled
- name: Stop & Disable "Remote tcp connection services" remoteit@* found in /etc/systemd/system/multi-user.target.wants/ e.g. remoteit@80:00:01:7F:7E:00:56:36.service
shell: |
systemctl stop $(ls /etc/systemd/system/multi-user.target.wants/ | grep remoteit@*)
systemctl disable $(ls /etc/systemd/system/multi-user.target.wants/ | grep remoteit@*)
ignore_errors: yes
when: not remoteit_enabled
# - name: Identify remoteit "Remote tcp connection service" unit file name, including uuid, e.g. remoteit@80:00:01:7F:7E:00:56:36.service
# shell: ls /etc/systemd/system/multi-user.target.wants/ | grep remoteit@
# register: remoteit_service
# ignore_errors: yes
# - name: "Disable & Stop the actual service: {{ remoteit_service.stdout }}"
# systemd:
# name: "{{ remoteit_service.stdout }}"
# enabled: no
# state: stopped
# when: not remoteit_enabled and remoteit_service.stdout != ""
# ignore_errors: yes
Reference in a new issue View git blame Copy permalink