mirror of
				https://github.com/iiab/iiab.git
				synced 2025-03-09 15:40:17 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			219 lines
		
	
	
	
		
			12 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable file
		
	
	
	
	
			
		
		
	
	
			219 lines
		
	
	
	
		
			12 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable file
		
	
	
	
	
| #!/bin/bash -e
 | |
| # FWIW "-e" tries to exit right away on error:
 | |
| # https://tldp.org/LDP/abs/html/options.html
 | |
| # https://stackoverflow.com/questions/9952177/whats-the-meaning-of-the-parameter-e-for-bash-shell-command-line/9952249
 | |
| 
 | |
| # PLZ SEE http://FAQ.IIAB.IO > "What is Ansible and what version should I use?"
 | |
| # https://github.com/iiab/iiab/wiki/Technical-Contributors-Guide#understanding-ansible
 | |
| 
 | |
| APT_PATH=/usr/bin     # Avoids problematic /usr/local/bin/apt on Linux Mint
 | |
| CURR_VER=undefined    # Ansible version you have installed, e.g. [core 2.14.1]
 | |
| GOOD_VER=2.14.1       # Orig for 'yum install [rpm]' & XO laptops (pip install)
 | |
| 
 | |
| # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and
 | |
| # .gpg key etc) are commented out with ### below.  Associated guidance/comments
 | |
| # are intentionally preserved.
 | |
| 
 | |
| # 2021-05-19 PR #2743: As a result of Ansible / Red Hat / IBM's extensive
 | |
| # delays in publishing the PPA (.deb installer files) for ansible-core, this
 | |
| # file bypasses the apt approach (and associated PPA source) in favor of:
 | |
| #
 | |
| # pip3 install --upgrade ansible-core
 | |
| 
 | |
| # 2021-02-25: Latest 'ansible-base' was being installed from PPA, using either
 | |
| # OS 'CODENAME' below: https://launchpad.net/~ansible/+archive/ubuntu/ansible
 | |
| 
 | |
| # 'lsb_release -sc' gives Mint 20 codename 'ulyana' etc: (TOO FINE-GRAINED)
 | |
| ###if grep -q buster /etc/os-release /etc/debian_version; then
 | |
| ###    CODENAME=bionic    # Debian 10, RaspiOS 10 & Buster-like distros
 | |
| ###else
 | |
| ###    CODENAME=focal     # Debian 11+, RaspiOS 11+, Ubuntu 20.04+, Mint 20+ (ETC)
 | |
| ###fi
 | |
| 
 | |
| # APRIL 2021 - ansible-base (2.10) was renamed to ansible-core (2.11+):
 | |
| # https://www.ansible.com/blog/ansible-3.0.0-qa
 | |
| # https://github.com/ansible/ansible/tags
 | |
| # https://github.com/ansible/ansible/releases (OLD)
 | |
| # https://github.com/ansible/ansible/commits/stable-2.14
 | |
| # https://github.com/ansible/ansible/blob/stable-2.14/changelogs/CHANGELOG-v2.14.rst
 | |
| # https://github.com/ansible/ansible/commits/stable-2.13
 | |
| # https://github.com/ansible/ansible/blob/stable-2.13/changelogs/CHANGELOG-v2.13.rst
 | |
| # https://github.com/ansible/ansible/commits/stable-2.12
 | |
| # https://github.com/ansible/ansible/blob/stable-2.12/changelogs/CHANGELOG-v2.12.rst
 | |
| # https://github.com/ansible/ansible/blob/devel/docs/docsite/rst/roadmap/ROADMAP_2_12.rst
 | |
| # https://pypi.org/project/ansible-core/
 | |
| # https://pypi.org/project/ansible-base/
 | |
| # https://releases.ansible.com/ansible-core/
 | |
| # https://releases.ansible.com/ansible-base/ (OLD)
 | |
| # https://launchpad.net/~ansible
 | |
| # https://launchpad.net/~ansible-gha
 | |
| # https://launchpad.net/~ansible/+archive/ubuntu/ansible
 | |
| # https://launchpad.net/~ansible/+archive/ubuntu/ansible-2.10 (OLD)
 | |
| # http://ppa.launchpad.net/ansible/ansible/ubuntu/pool/main/a/ansible/
 | |
| # http://ppa.launchpad.net/ansible/ansible/ubuntu/pool/main/a/ansible-core/
 | |
| 
 | |
| # FYI .travis.yml installs ansible-core in a slightly different way (PRs #2689 & #2743)
 | |
| 
 | |
| # IIAB implementers might instead consider these 4 GENERAL TECHNIQUES below
 | |
| # ("in an emergency!") e.g. if apt fails & you need a newer/older Ansible:
 | |
| 
 | |
| # TEMPORARILY USE pip3 to install the latest ansible-core as listed at
 | |
| # https://pypi.org/project/ansible-core/ (REMOVE W/ "pip3 uninstall ansible-core")
 | |
| #apt install python3-pymysql python3-psycopg2 python3-passlib python3-pip python3-setuptools python3-packaging python3-venv virtualenv
 | |
| #pip3 install --upgrade ansible-core    # Then start a new shell, so /usr/local/bin works
 | |
| #ansible-galaxy collection install -r collections.yml
 | |
| 
 | |
| # TEMPORARILY USE ansible-base 2.10.17 (REMOVE W/ "pip3 uninstall ansible-base")
 | |
| #apt install python3-pip
 | |
| #pip3 install ansible-base==2.10.17   # Start new shell, so /usr/local/bin works
 | |
| 
 | |
| # TEMPORARILY USE ANSIBLE 2.9.27 (REMOVE IT WITH "pip3 uninstall ansible")
 | |
| #apt install python3-pip
 | |
| #pip3 install ansible==2.9.27
 | |
| 
 | |
| # TEMPORARILY USE ANSIBLE 2.4.2 DUE TO 2.4.3 MEMORY BUG. Details: iiab/iiab#669
 | |
| #echo "Install https://download.iiab.io/packages/ansible_2.4.2.0-1ppa~xenial_all.deb"
 | |
| #cd /tmp
 | |
| #wget https://download.iiab.io/packages/ansible_2.4.2.0-1ppa~xenial_all.deb
 | |
| #apt -y --allow-downgrades install ./ansible_2.4.2.0-1ppa~xenial_all.deb
 | |
| 
 | |
| export DEBIAN_FRONTEND=noninteractive
 | |
| # Why 'noninteractive' appears needed:
 | |
| # https://github.com/iiab/iiab/issues/564#issuecomment-347264985
 | |
| 
 | |
| echo -e "\n\nYOU ARE RUNNING: /opt/iiab/iiab/scripts/ansible (TO INSTALL ANSIBLE ETC)\n"
 | |
| #echo -e 'Alternative:     /opt/iiab/iiab/scripts/ansible-2.9.x ("Slow Food")\n'
 | |
| 
 | |
| echo -e "RECOMMENDED PREREQUISITES:"
 | |
| echo -e "(1) Verify you're online"
 | |
| echo -e "(2) Remove all prior versions of Ansible using..."
 | |
| echo -e "    'apt purge ansible-core'  and/or  'pip3 uninstall ansible-core'  and/or"
 | |
| echo -e "    'apt purge ansible-base'  and/or  'pip3 uninstall ansible-base'  and/or"
 | |
| echo -e "    'apt purge ansible'       and/or  'pip3 uninstall ansible'"
 | |
| echo -e "(3) Remove all lines containing 'ansible' from..."
 | |
| echo -e "    /etc/apt/sources.list and /etc/apt/sources.list.d/*\n"
 | |
| 
 | |
| echo -e "IIAB INSTALL INSTRUCTIONS: (OLDER, MANUAL APPROACH)"
 | |
| echo -e "https://github.com/iiab/iiab/wiki/IIAB-Installation#do-everything-from-scratch\n"
 | |
| 
 | |
| if [ $(command -v ansible) ]; then    # "command -v" is POSIX compliant; also catches built-in commands like "cd"
 | |
|     CURR_VER=$(ansible --version | head -1 | cut -f 2- -d " ")
 | |
|     # Above works with 'ansible [core 2.11.0rc2]' -- these old ways do not:
 | |
|     #CURR_VER=$(ansible --version | head -1 | awk '{print $2}')
 | |
|     #CURR_VER=$(ansible --version | head -1 | sed -e 's/.* //')
 | |
|     echo -e "CURRENTLY INSTALLED ANSIBLE: $CURR_VER -- LET'S TRY TO UPGRADE IT!"
 | |
| else
 | |
|     echo -e "ANSIBLE NOT FOUND ON THIS COMPUTER -- LET'S TRY TO INSTALL IT!"
 | |
| fi
 | |
| echo -e "(Internet-in-a-Box requests ansible-core $GOOD_VER or higher)\n"
 | |
| 
 | |
| # Code above designed to work on all Linux distributions, to preserve options,
 | |
| # in support of any volunteer(s) wanting to port IIAB to a new Linux/distro.
 | |
| if [ ! -f /etc/debian_version ]; then    # e.g. RaspiOS, Ubuntu, Mint & Debian
 | |
|     echo -e "\nEXITING: /etc/debian_version FILE NOT FOUND.  Linux OS support info here:"
 | |
|     echo -e "           https://github.com/iiab/iiab/wiki/IIAB-Platforms\n"
 | |
|     exit 1
 | |
| fi
 | |
| 
 | |
| # 2021-04-26: JV & @holta WIP.  The apt-key command is going away, and the past
 | |
| # practice of putting keys in /etc/apt/trusted.gpg.d is considered insecure:
 | |
| # https://www.linuxuprising.com/2021/01/apt-key-is-deprecated-how-to-add.html
 | |
| # https://askubuntu.com/questions/1286545/what-commands-exactly-should-replace-the-deprecated-apt-key/1307181#1307181
 | |
| # So we put .gpg key in repo iiab/iiab, also for reliable installs/containers.
 | |
| 
 | |
| #echo -e "\napt update; install dirmngr; PPA to /etc/apt/sources.list.d/iiab-ansible.list\n"
 | |
| #$APT_PATH/apt update
 | |
| #$APT_PATH/apt -y install dirmngr
 | |
| #echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu $CODENAME main" \
 | |
| ###echo "deb [signed-by=/usr/share/keyrings/iiab-ansible-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu $CODENAME main" \
 | |
| ###     > /etc/apt/sources.list.d/iiab-ansible.list
 | |
| 
 | |
| # 2022-11-09: ansible-core 2.12.10+ PPA works on 32-bit RasPiOS, until upstream wheels -> cryptography is fixed (PR #3421)
 | |
| echo "deb [signed-by=/usr/share/keyrings/iiab-ansible-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu focal main" \
 | |
|      > /etc/apt/sources.list.d/iiab-ansible.list
 | |
| 
 | |
| # In future we might instead consider 'add-apt-repository ppa:ansible/ansible'
 | |
| # or 'apt-add-repository ppa:ansible/bionic/ansible' etc, e.g. for streamlined
 | |
| # removal using 'apt-add-repository -r' -- however that currently requires
 | |
| # 'apt install software-properties-common' which drags in a dozen packages we
 | |
| # might not want, e.g. unattended-upgrades, packagekit etc.
 | |
| 
 | |
| # 2020-08-20: TEMP WORKAROUND (REVERT TO ANSIBLE 2.9.6) MITIGATING
 | |
| # iiab/iiab#2481 (Ansible 2.9.12 and 2.10.0's 666-TO-600 file permissions
 | |
| # problem).  This workaround installs 2.9.6-1ppa~disco onto RaspiOS, from
 | |
| # https://launchpad.net/~ansible/+archive/ubuntu/ansible
 | |
| #echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu disco main" \
 | |
| #    > /etc/apt/sources.list.d/iiab-ansible.list
 | |
| 
 | |
| # 2021-04-26: JV & @holta WIP: (see above)
 | |
| #echo -e '\nIF YOU FACE ERROR "signatures couldn'"'"'t be verified because the public key is not available" THEN REPEATEDLY RE-RUN "sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367"\n'
 | |
| #apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 93C4A3FD7BB9C367
 | |
| ###cp /opt/iiab/iiab/scripts/iiab-ansible-keyring.gpg /usr/share/keyrings/iiab-ansible-keyring.gpg
 | |
| #chmod 644 /usr/share/keyrings/iiab-ansible-keyring.gpg
 | |
| 
 | |
| # 2022-11-09: ansible-core 2.12.10+ PPA works on 32-bit RasPiOS, until upstream wheels -> cryptography is fixed (PR #3421)
 | |
| cp /opt/iiab/iiab/scripts/iiab-ansible-keyring.gpg /usr/share/keyrings/iiab-ansible-keyring.gpg
 | |
| 
 | |
| ###echo -e 'PPA source "deb [signed-by=/usr/share/keyrings/iiab-ansible-keyring.gpg] http://ppa.launchpad.net/ansible/ansible/ubuntu '$CODENAME' main"'
 | |
| ###echo -e "successfully saved to /etc/apt/sources.list.d/iiab-ansible.list\n"
 | |
| ###echo -e "IF *OTHER* ANSIBLE SOURCES APPEAR BELOW, PLEASE MANUALLY REMOVE THEM TO"
 | |
| ###echo -e 'ENSURE ANSIBLE UPDATES CLEANLY: (then re-run this script to be sure!)\n'
 | |
| ###grep '^deb .*ansible' /etc/apt/sources.list /etc/apt/sources.list.d/*.list | grep -v '^/etc/apt/sources.list.d/iiab-ansible.list:' || true    # Override bash -e (instead of aborting at 1st error)
 | |
| 
 | |
| echo -e "\napt update; apt install python3-pip    # Also installs 'python3-setuptools' and 'python3' etc"
 | |
| #echo -e "https://github.com/iiab/iiab/blob/master/scripts/ansible.md\n"
 | |
| $APT_PATH/apt update
 | |
| $APT_PATH/apt -y install python3-pip
 | |
| 
 | |
| # 2021-07-29:
 | |
| # 'python3-packaging' dropped for now
 | |
| # 'python3-pymysql' (drags in 'python3' which drags in 'python3-venv' on Debian 11 but not on Ubuntu 20.04) -- moved to roles/mysql/tasks/install.yml
 | |
| # 'python3-psycopg2' moved to roles/postgresql/tasks/install.yml
 | |
| # 'python3-passlib' moved to roles/munin/tasks/install.yml
 | |
| # 'python3-venv' moved to roles/2-common/tasks/packages.yml
 | |
| # 'virtualenv' for Python 2 moved to roles/kalite/tasks/install.yml
 | |
| #
 | |
| #$APT_PATH/apt -y install \
 | |
| #              python3-pymysql python3-psycopg2 python3-passlib python3-pip \
 | |
| #              python3-setuptools python3-packaging python3-venv virtualenv
 | |
| 
 | |
| #$APT_PATH/apt -y --allow-downgrades install ansible-core
 | |
| 
 | |
| if uname -m | grep -q 64; then
 | |
|     # 2021-10-30: Using pip is messy, leaving behind cached files, so turn off pip
 | |
|     # cache system-wide before installing:
 | |
|     # https://stackoverflow.com/questions/9510474/removing-pips-cache/61762308#61762308
 | |
|     # https://github.com/iiab/iiab/pull/3022
 | |
|     pip3 config --global set global.no-cache-dir false
 | |
|     echo -e "\n\n'pip3 install --upgrade ansible-core' will now run:\n"
 | |
|     pip3 install --upgrade ansible-core    # ansible-core 2.12 (released 2021-11-08) requires Python >= 3.8
 | |
| else
 | |
|     echo "2022-11-09: ansible-core 2.12.10+ PPA works on 32-bit RasPiOS, using /etc/apt/sources.list.d/iiab-ansible.list, until upstream wheels -> cryptography is fixed (PR #3421)"
 | |
|     $APT_PATH/apt -y --allow-downgrades install ansible-core
 | |
| fi
 | |
| 
 | |
| # (Re)running collection installs appears safe, with --force-with-deps to force
 | |
| # upgrade of collection and dependencies it pulls in.  Note Ansible may support
 | |
| # explicit upgrading of collections (--upgrade / -U flag) in version "2.11"
 | |
| # with PR ansible/ansible#73336.  See also IIAB PRs #2647 #2652 #2653 #2655.
 | |
| echo -e "\n\nIIAB requires these ~4 Ansible Collections: (we upgrade them here if possible!)\n"
 | |
| ansible-galaxy collection install --force-with-deps \
 | |
|                -r /opt/iiab/iiab/collections.yml \
 | |
|                -p /usr/share/ansible/collections
 | |
| # 2021-02-24: 'ansible-galaxy collection list' lists those installed. (#2659)
 | |
| # 2020-11-28: The ~3 Ansible Collections used by IIAB (~37MB) once lived here:
 | |
| #    /root/.ansible/collections/ansible_collections
 | |
| # But going forward they'll be stored herein: [~24MB for 4 Collections as of 2021-05-19]
 | |
| #    /usr/share/ansible/collections/ansible_collections
 | |
| 
 | |
| # 2021-04-19: No longer needed, per PR #2743 testing
 | |
| #echo -e "\n\nCreating/verifying directory /etc/ansible & installing /etc/ansible/hosts\n"
 | |
| #mkdir -p /etc/ansible    # LIKELY REDUNDANT, due to above installation of Ansible
 | |
| #echo -e '[local]\nlocalhost\n' > /etc/ansible/hosts    # LIKELY REDUNDANT, due to https://github.com/iiab/iiab/blob/master/ansible_hosts
 | |
| 
 | |
| echo -e "\n\nSUCCESS!  PLEASE VERIFY ANSIBLE WITH COMMANDS LIKE:\n"
 | |
| echo -e "    ansible --version"
 | |
| echo -e "    pip3 show ansible-core"
 | |
| echo -e '    apt -a list "ansible*"'
 | |
| echo -e "    ansible-galaxy collection list\n"
 | |
| echo -e "WARNING: Start a new Linux shell, if it changed from /usr/bin to /usr/local/bin\n\n"
 |