├── .gitignore
├── .python-version
├── .travis.yml
├── CHANGELOG.md
├── LICENSE
├── README.md
├── Vagrantfile
├── ansible
├── ansible.cfg
├── group_vars
│ ├── all
│ ├── armbian
│ ├── brand
│ ├── debian
│ ├── raspbian
│ └── ubuntu
├── inventory.example
├── plugins
│ └── mitogen-0.2.2
│ │ ├── PKG-INFO
│ │ ├── README.md
│ │ ├── ansible_mitogen
│ │ ├── __init__.py
│ │ ├── connection.py
│ │ ├── loaders.py
│ │ ├── logging.py
│ │ ├── mixins.py
│ │ ├── module_finder.py
│ │ ├── parsing.py
│ │ ├── planner.py
│ │ ├── plugins
│ │ │ ├── __init__.py
│ │ │ ├── connection
│ │ │ │ ├── __init__.py
│ │ │ │ ├── mitogen_doas.py
│ │ │ │ ├── mitogen_docker.py
│ │ │ │ ├── mitogen_jail.py
│ │ │ │ ├── mitogen_local.py
│ │ │ │ ├── mitogen_lxc.py
│ │ │ │ ├── mitogen_lxd.py
│ │ │ │ ├── mitogen_machinectl.py
│ │ │ │ ├── mitogen_setns.py
│ │ │ │ ├── mitogen_ssh.py
│ │ │ │ ├── mitogen_su.py
│ │ │ │ └── mitogen_sudo.py
│ │ │ └── strategy
│ │ │ │ ├── __init__.py
│ │ │ │ ├── mitogen.py
│ │ │ │ ├── mitogen_free.py
│ │ │ │ └── mitogen_linear.py
│ │ ├── process.py
│ │ ├── runner.py
│ │ ├── services.py
│ │ ├── strategy.py
│ │ └── target.py
│ │ ├── mitogen.egg-info
│ │ ├── PKG-INFO
│ │ ├── SOURCES.txt
│ │ ├── dependency_links.txt
│ │ ├── not-zip-safe
│ │ └── top_level.txt
│ │ ├── mitogen
│ │ ├── __init__.py
│ │ ├── compat
│ │ │ ├── __init__.py
│ │ │ ├── functools.py
│ │ │ ├── pkgutil.py
│ │ │ └── tokenize.py
│ │ ├── core.py
│ │ ├── debug.py
│ │ ├── doas.py
│ │ ├── docker.py
│ │ ├── fakessh.py
│ │ ├── fork.py
│ │ ├── jail.py
│ │ ├── lxc.py
│ │ ├── master.py
│ │ ├── minify.py
│ │ ├── parent.py
│ │ ├── select.py
│ │ ├── service.py
│ │ ├── setns.py
│ │ ├── ssh.py
│ │ ├── su.py
│ │ ├── sudo.py
│ │ ├── unix.py
│ │ └── utils.py
│ │ ├── setup.cfg
│ │ └── setup.py
├── roles
│ ├── ansible-postgresql
│ │ ├── README.md
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ └── get_repo_rpm_release.py
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── backup.yml
│ │ │ ├── debian.yml
│ │ │ ├── main.yml
│ │ │ ├── overwrite.yml
│ │ │ └── redhat.yml
│ │ ├── templates
│ │ │ ├── 20ansible_backup.conf.j2
│ │ │ ├── 25ansible_postgresql.conf.j2
│ │ │ ├── archive_wal.sh.j2
│ │ │ ├── backup_working_wal.sh.j2
│ │ │ ├── moodle_database_template.dump
│ │ │ ├── pg_hba.conf.debian.j2
│ │ │ ├── pg_hba.conf.redhat.j2
│ │ │ └── scheduled_backup.sh.j2
│ │ └── vars
│ │ │ ├── debian.yml
│ │ │ ├── main.yml
│ │ │ └── redhat.yml
│ ├── bootstrap
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ ├── ATTiny.bat
│ │ │ ├── config.txt
│ │ │ ├── dnsmasq.conf
│ │ │ ├── etc_avahi_avahi-daemon.conf
│ │ │ ├── etc_default_hostapd
│ │ │ ├── etc_default_macchanger
│ │ │ ├── etc_macchanger_ifupdown.sh
│ │ │ ├── etc_network_if-post-down.d_macchanger
│ │ │ ├── etc_systemd_system_PxUSBm.service
│ │ │ ├── ethtool
│ │ │ ├── modules
│ │ │ ├── test_RestartWLAN.py
│ │ │ ├── usr_local_bin_poweroff_poewroff_internal
│ │ │ │ ├── base_library.zip
│ │ │ │ ├── lib-dynload
│ │ │ │ │ ├── _bz2.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_cn.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_hk.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_iso2022.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_jp.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_kr.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _codecs_tw.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _contextvars.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _ctypes.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _decimal.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _hashlib.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _lzma.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ ├── _multibytecodec.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ │ └── resource.cpython-39-arm-linux-gnueabihf.so
│ │ │ │ ├── libbz2.so.1.0
│ │ │ │ ├── libcrypto.so.1.1
│ │ │ │ ├── libexpat.so.1
│ │ │ │ ├── libffi.so.7
│ │ │ │ ├── libgcc_s.so.1
│ │ │ │ ├── liblzma.so.5
│ │ │ │ ├── libmpdec.so.3
│ │ │ │ ├── libpython3.9.so.1.0
│ │ │ │ └── libz.so.1
│ │ │ ├── usr_local_bin_poweroff_poweroff
│ │ │ ├── usr_local_connectbox_bin_ConnectBoxManage.sh
│ │ │ ├── usr_local_connectbox_bin_CreateLogFiles.sh
│ │ │ ├── usr_local_connectbox_bin_LICENSE.txt
│ │ │ ├── usr_local_connectbox_bin_PxUSBm.py
│ │ │ ├── usr_local_connectbox_bin_TestPxUSBm.py
│ │ │ ├── usr_local_connectbox_bin_determineBoxID.sh
│ │ │ ├── usr_local_connectbox_bin_indexer.py
│ │ │ ├── usr_local_connectbox_bin_lazyLoader.py
│ │ │ ├── usr_local_connectbox_bin_mmiLoader.py
│ │ │ ├── usr_local_connectbox_bin_phonehome.py
│ │ │ ├── usr_local_connectbox_bin_shutdown.sh
│ │ │ ├── usr_local_connectbox_bin_shutdownShell.sh
│ │ │ ├── usr_local_connectbox_test_RW_AT.py
│ │ │ ├── usr_local_connectbox_test_RW_AXP209-53.py
│ │ │ └── usr_local_connectbox_test_RW_BatLog.py
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── 10-switch-role.conf.j2
│ │ │ └── brand_txt.j2
│ ├── captive-portal
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── etc_systemd_system_captiveportal.service.j2
│ │ │ └── etc_tmpfiles.d_captiveportal.conf.j2
│ ├── connectbox-pi
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── access-log-analyzer.conf.j2
│ │ │ ├── connectbox.conf.j2
│ │ │ └── logrotate.hourly.conf.j2
│ ├── dns-dhcp
│ │ ├── README.md
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ └── etc_default_dnsmasq
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── etc_dnsmasq.conf.j2
│ │ │ └── process-dhcp-event.sh.j2
│ ├── enhanced-content
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ ├── bin_connectboxmanage
│ │ │ └── connectbox_enhanced.json
│ │ ├── handlers
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── hat-service
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ ├── radxa_CM3.py
│ │ │ └── radxa___init__.py
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ ├── templates
│ │ │ └── neo-battery-shutdown.service.j2
│ │ └── vars
│ │ │ └── main.yml
│ ├── image-preparation
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ └── armbian-resize-filesystem.service
│ │ ├── handlers
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── mikegleasonjr.firewall
│ │ ├── .gitignore
│ │ ├── .travis.yml
│ │ ├── LICENSE
│ │ ├── README.md
│ │ ├── Vagrantfile
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ ├── .galaxy_install_info
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ ├── bullseye-debian.yml
│ │ │ ├── main.yml
│ │ │ ├── persist-debian.yml
│ │ │ └── rules.yml
│ │ ├── templates
│ │ │ ├── generated.v4.j2
│ │ │ └── generated.v6.j2
│ │ └── tests.yml
│ ├── moodle
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── blockcontent_content.j2
│ │ │ ├── customcert.tar.gz
│ │ │ ├── filedir.tar.gz
│ │ │ ├── thewell_index_php.j2
│ │ │ ├── var_www_moodle_config_php.j2
│ │ │ └── var_www_moodle_info_php.j2
│ ├── network-interfaces
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ ├── 5.0.63-v7l+
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 5.10.103+
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 5.10.63-v7l+
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 5.10.92-v7l+
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 5.15.25-sunxi
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 5.15.74-sunxi
│ │ │ │ ├── 8812au.ko
│ │ │ │ └── 88x2bu.ko
│ │ │ ├── 8812au-install.sh
│ │ │ ├── 8852au-install.sh
│ │ │ └── 88x2bu-install.sh
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── etc_dhcp_dhclient-enter-hooks_wlan0.pl
│ │ │ ├── etc_dhcpcd.conf.j2
│ │ │ ├── etc_network_interfaces.j2
│ │ │ └── wpa_supplicant.conf.j2
│ ├── nginx
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── connectbox_captive-portal.conf.j2
│ │ │ ├── connectbox_classic.conf.j2
│ │ │ ├── connectbox_enhanced.conf.j2
│ │ │ ├── connectbox_icon-only.conf.j2
│ │ │ ├── connectbox_moodle.conf.j2
│ │ │ ├── connectbox_static-site.conf.j2
│ │ │ └── nginx.conf.j2
│ ├── php
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ └── etc_apt_sources_list_d_php_list.j2
│ ├── remove-lz4
│ │ ├── handlers
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── rpi-permissions
│ │ └── tasks
│ │ │ └── main.yml
│ ├── sample-content
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── usb-content
│ │ ├── handlers
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── webserver-content
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── etc_systemd_system_gunicorn.service.j2
│ │ │ └── etc_tmpfiles.d_gunicorn.conf.j2
│ ├── wifi-ap
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── handlers
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ │ ├── etc_default_crda.j2
│ │ │ ├── etc_default_hostapd_hostapd.conf.j2
│ │ │ └── hostapd.conf.j2
│ └── wlan-set
│ │ ├── handlers
│ │ └── main.yml
│ │ └── tasks
│ │ └── main.yml
└── site.yml
├── ci
├── ansible.cfg
├── ci-inventory
├── ci-ssh-config
├── main.tf
├── outputs.tf
├── script_run_on_non_pull_requests.sh
├── script_run_on_pull_requests.sh
├── travis-ci-connectbox.pem.enc
└── variables.tf
├── docs
├── administration.md
├── administration_rpi.md
├── awsinstall.md
├── deployment.md
├── development.md
├── making_an_image.md
└── simplified_making_an_image.md
├── insecure_private_key
├── python
├── admin
│ ├── __init__.py
│ └── api.py
├── chat
│ ├── __init__.py
│ ├── datasource.py
│ └── server.py
├── defaults.cfg
├── main.py
└── requirements.dev.txt
├── requirements.in
├── requirements.txt
├── scripts
├── ConnectBoxManage.sh
├── CreateLogFiles.sh
├── determineBoxID.sh
├── phonehome.py
└── wlan0.pl
└── tests
└── test_connectbox_static.py
/.gitignore:
--------------------------------------------------------------------------------
1 | *.pyc
2 | .DS_Store
3 | *.swp
4 | *.retry
5 | .vagrant
6 | *.pem
7 | ci/inventory
8 | ghostdriver.log
9 | ci/terraform.tfstate*
10 | ansible/inventory
11 |
12 | ~/.virtualenvs/*
13 | makenewimage.sh
14 | ansible/inventory-*
15 | makenewimage.pl
16 | copyimagetosd.pl
17 |
--------------------------------------------------------------------------------
/.python-version:
--------------------------------------------------------------------------------
1 | 3.6.11
2 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: python
2 | python:
3 | - "3.6"
4 | dist: trusty
5 | cache:
6 | directories:
7 | - "$HOME/.cache/pip"
8 | pip: true
9 | timeout: 86400
10 | before_cache:
11 | - rm -f $HOME/.cache/pip/log/debug.log
12 | install:
13 | - export PATH=$PATH:$PWD
14 | - pip install -r requirements.txt
15 | script:
16 | - $TRAVIS_BUILD_DIR/ci/script_run_on_pull_requests.sh;
17 | - pushd $TRAVIS_BUILD_DIR && ansible-lint -x ANSIBLE0004,ANSIBLE0006,ANSIBLE0010,ANSIBLE0012
18 | --exclude=ansible/roles/mikegleasonjr.firewall --exclude=ansible/roles/geerlingguy.nginx
19 | ansible/site.yml && popd
20 | notifications:
21 | slack:
22 | rooms:
23 | - secure: jGRq7hp2sSz7xXSfMwNMKOgTgR5nO+He39jfiyLA6MjUchcqVyvxj6F1X7lIemyee9sud650sWjO7sWnWHkq024jQkONnlxUzrIQMAt4DuhN+BNmDO7+hHnmLHfQSkevtUEBVYFSP8KV16sXyS11aUHhjrZn+JW3Ozpb1nYummcAKVZ0OfWhHuwoLIK3qtgWDoiWA796JEUDIySR25JsnRRZIW09L0lg/528SD9scH/52DqpMCoLuRtsYBY4v2BMndillnsvo4P6dMfvKFhLCmNuabgyIPxOZ6vE1YD4uHCh67fXOwsjMk3+Kv6huPp3K5CVj3/84V6VDlLTvrlzuNiS7SKD4Y1mb7nDCGTv5ybIjDRPe90NEg3rClbPD9zH6fPTl7/MTkDDB+sRaTGXoQ/g+stc0W6/m8FIU6oZSfgm1XKp1FhOrv43oWUtM1A5G9xo3gYMl1aSCmolDqV+dqAEaTgr5PgTrYWgK1mNv7l8zTAsSpi5BgH3tHEN8UGFkJXmRukLr6hNoSt+QlTI9BxFBDIuy8nkE5DoGlxTKj0JXXH2vSahd/fkc+pXOBrKD3e6DRZuelaeKK9RzpAGu7OaeUJCUH4tWzBAjzqFlgksczVsT7pygASH0nLU2s3XT3FJmUSmpT8mzD+mVsjD8NFFGSMou91YqHdypfy84SU=
24 | on_success: change
25 | on_pull_requests: false
26 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | This software consists of voluntary contributions made by many
2 | individuals. For exact contribution history, see the revision history
3 | available at https://github.com/ConnectBox/connectbox-pi
4 |
5 | The following license applies to all parts of this software except as
6 | documented below:
7 |
8 | ---
9 | The MIT License
10 |
11 | Copyright © 2016-2017 ConnectBox contributors
12 |
13 | Permission is hereby granted, free of charge, to any person obtaining
14 | a copy of this software and associated documentation files (the
15 | "Software"), to deal in the Software without restriction, including
16 | without limitation the rights to use, copy, modify, merge, publish,
17 | distribute, sublicense, and/or sell copies of the Software, and to
18 | permit persons to whom the Software is furnished to do so, subject to
19 | the following conditions:
20 |
21 | The above copyright notice and this permission notice shall be
22 | included in all copies or substantial portions of the Software.
23 |
24 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
28 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
29 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
30 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 |
32 | ---
33 |
34 | All files located in directories named "external" are externally
35 | maintained libraries used by this software which have their own
36 | licenses; we recommend you read them, as their terms may differ from
37 | the terms above.
38 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | [](https://travis-ci.org/ConnectBox/connectbox-pi)
2 |
3 | # TheWell version of ConnectBox
4 |
5 | TheWell is a variant of ConnectBox that adds Moodle Learning Management System (v. 3.9.3), PHP (v. 7.4) and MySQL (MariaDB) (vv 10.3) to bring training system and learning content to the ConnectBox platform.
6 |
7 | Summary Of Changes:
8 | * ConnectBox Ansible roles are updated to build ConnectBox with Moodle, PHP and MySQL
9 | * TheWell is for Debian OS (Raspbian) on Raspberry Pi (with modifications) or other Linux host
10 | * Refer to Relay Trust Moodle Repo for Documentation Of Changes
11 | * Default Moodle MySQL database is located in this repo under ansible/roles/moodle/templates/
12 | * Legacy Connectbox File Serving is now at {{{hostname}}} such that Connectbox is http://thewell, Moodle is http://learn.thewell and Admin is http://thewell/admin
13 | * (There will be more as this gets built out)
14 |
15 | # ConnectBox
16 |
17 | ConnectBox is a media sharing device based on small form factor computers including the Raspberry Pi 3, Raspberry Pi Zero W, NanoPi NEO, Orange Pi Zero and Pine64.
18 |
19 | # Making a ConnectBox
20 |
21 | See [docs/deployment.md](docs/deployment.md)
22 |
23 | # Making a Connectbox on AWS
24 |
25 | See [docs/awsinstall.md](docs /docs/awsinstall.md)
26 |
27 | # Connectbox setup and administration
28 |
29 | See [docs/administration.md](docs/administration.md)
30 |
31 | # Developing the ConnectBox Software
32 |
33 | See [docs/development.md](docs/development.md)
34 |
35 | # MicroSD Card Images/Releases
36 | TBD
--------------------------------------------------------------------------------
/Vagrantfile:
--------------------------------------------------------------------------------
1 | # -*- mode: ruby -*-
2 | # vi: set ft=ruby :
3 |
4 | Vagrant.configure(3) do |config|
5 |
6 | # Overridden
7 | config.vm.box = ""
8 |
9 | config.vm.provider "vmware_fusion" do |vmw|
10 | vmw.memory = "512"
11 | end
12 | config.vm.provider "virtualbox" do |vb|
13 | vb.memory = "512"
14 | end
15 |
16 | # Debian Stretch
17 | config.vm.define "stretch" do |stretch|
18 | stretch.vm.box = "generic/debian9"
19 | stretch.vm.network "private_network", ip: "172.28.128.5"
20 | stretch.vm.post_up_message = "ConnectBox (Debian Stretch) provisioned in developer mode. IP: 172.28.128.5, hostname: stretch-vagrant.connectbox. You probably want '172.28.128.5 stretch-vagrant.connectbox resettest-stretch-vagrant.connectbox' in /etc/hosts"
21 |
22 | stretch.vm.provision "ansible" do |ansible|
23 | ansible.playbook = "ansible/site.yml"
24 | ansible.host_vars = {
25 | "stretch" => {
26 | "connectbox_default_hostname": "stretch-vagrant.connectbox",
27 | "developer_mode": true,
28 | "lan_dns_if": "eth1",
29 | }
30 | }
31 | ansible.skip_tags = "full-build-only"
32 | end
33 | end
34 |
35 | # Debian Focal
36 | config.vm.define "focal" do |focal|
37 | focal.vm.box = "generic/debian9"
38 | focal.vm.network "private_network", ip: "172.28.128.5"
39 | focal.vm.post_up_message = "ConnectBox (Debian focal) provisioned in developer mode. IP: 172.28.128.5, hostname: focal-vagrant.connectbox. You probably want '172.28.128.5 stretch-vagrant.connectbox resettest-focal-vagrant.connectbox' in /etc/hosts"
40 |
41 | stretch.vm.provision "ansible" do |ansible|
42 | ansible.playbook = "ansible/site.yml"
43 | ansible.host_vars = {
44 | "focal" => {
45 | "connectbox_default_hostname": "focal-vagrant.connectbox",
46 | "developer_mode": true,
47 | "lan_dns_if": "eth1",
48 | }
49 | }
50 | ansible.skip_tags = "full-build-only"
51 | end
52 | end
53 |
54 | # Ubuntu Xenial
55 | config.vm.define "ubuntu" do |ubuntu|
56 | # Not using ubuntu/xenial64 because of
57 | # https://bugs.launchpad.net/cloud-images/+bug/1569237
58 | ubuntu.vm.box = "bento/ubuntu-16.04"
59 | ubuntu.vm.network "private_network", ip: "172.28.128.4"
60 | ubuntu.vm.post_up_message = "ConnectBox (Ubuntu Xenial) provisioned in developer mode. IP: 172.28.128.4, hostname: ubuntu-vagrant.connectbox. You probably want '172.28.128.4 ubuntu-vagrant.connectbox resettest-ubuntu-vagrant.connectbox' in /etc/hosts"
61 |
62 | ubuntu.vm.provision "ansible" do |ansible|
63 | ansible.playbook = "ansible/site.yml"
64 | ansible.host_vars = {
65 | "ubuntu" => {
66 | "connectbox_default_hostname": "ubuntu-vagrant.connectbox",
67 | "developer_mode": true,
68 | "lan_dns_if": "eth1",
69 | }
70 | }
71 | ansible.skip_tags = "full-build-only"
72 | end
73 | end
74 | end
75 |
--------------------------------------------------------------------------------
/ansible/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | retry_files_enabled = False
3 | force_handlers = True
4 | [ssh_connection]
5 | pipelining = True
6 | # Control Persist long enough that a password prompted playbook run doesn't
7 | # reprompt during a playbook run
8 | ssh_args = -o ControlMaster=auto -o ControlPersist=30m
9 |
10 |
--------------------------------------------------------------------------------
/ansible/group_vars/armbian:
--------------------------------------------------------------------------------
1 | ---
2 | connectbox_os: armbian
3 | ansible_user: root
4 | apty_services:
5 | - unattended-upgrades
6 | - apt-daily.service
7 | - apt-daily.timer
8 | - apt-daily-upgrade.service
9 | - apt-daily-upgrade.timer
10 |
--------------------------------------------------------------------------------
/ansible/group_vars/brand:
--------------------------------------------------------------------------------
1 | ---
2 | lcd_logo_hostname: (this is not here because it is pulled from group_vars/all hostname)
3 | lcd_logo: connectbox_logo.png
4 | enhanced_interface_logo: ""
5 |
6 | lcd_font_size: 27
7 | lcd_x_position: 6
8 | lcd_y_position: 0
9 |
10 | # PI for RPi, CM for CM4, NEO for nanoPi Neo, OP for Orange Pi
11 | device_type: "NEO"
12 |
13 | usbNoMount: 0
14 |
15 | lcd_pages_main: 1
16 | lcd_pages_info: 1
17 | lcd_pages_battery: 1
18 | #By default we don't show the multi-bat page except on a CM4 build
19 | lcd_pages_multi_bat: 0
20 | lcd_pages_memory: 1
21 | lcd_pages_stats_hour_one: 1
22 | lcd_pages_stats_hour_two: 1
23 | lcd_pages_stats_day_one: 1
24 | lcd_pages_stats_day_two: 1
25 | lcd_pages_stats_week_one: 1
26 | lcd_pages_stats_week_two: 1
27 | lcd_pages_stats_month_one: 1
28 | lcd_pages_stats_month_two: 1
29 | lcd_pages_admin: 0
30 |
31 | # 0, 1 or "none" with 0 being logic invert on the signal line or "both" for full time otg mode
32 | otg_enable: "both"
33 | # module to load by default for OTG enable
34 | g_device: "g_serial"
35 | #OTG module extention if g_mass_storage needing a directory
36 | enable_mass_storage: ""
37 |
38 | server_url: ""
39 | server_authorization: ""
40 | server_sitename: ""
41 | server_siteadmin_name: ""
42 | server_siteadmin_email: ""
43 | server_siteadmin_phone: ""
44 | server_siteadmin_country: ""
--------------------------------------------------------------------------------
/ansible/group_vars/debian:
--------------------------------------------------------------------------------
1 | ---
2 | connectbox_os: debian
3 | apty_services:
4 | - unattended-upgrades
5 | - apt-daily
6 |
--------------------------------------------------------------------------------
/ansible/group_vars/raspbian:
--------------------------------------------------------------------------------
1 | ---
2 | connectbox_os: raspbian
3 | ansible_user: pi
4 | root_partition_size: "4GB"
5 |
--------------------------------------------------------------------------------
/ansible/group_vars/ubuntu:
--------------------------------------------------------------------------------
1 | ---
2 | connectbox_os: ubuntu
3 | apty_services:
4 | - unattended-upgrades
5 | - apt-daily
6 |
--------------------------------------------------------------------------------
/ansible/inventory.example:
--------------------------------------------------------------------------------
1 | # Ansible Inventory File
2 | #
3 | # Add your device IP on a single line
4 | #
5 | # If your device has a WiFi access point, replace the wireless_country_code
6 | # with your two-letter country code (see https://git.kernel.org/cgit/linux/kernel/git/sforshee/wireless-regdb.git/tree/db.txt for a list of valid values)
7 |
8 | #192.168.20.180 wireless_country_code=AU
9 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/PKG-INFO:
--------------------------------------------------------------------------------
1 | Metadata-Version: 1.1
2 | Name: mitogen
3 | Version: 0.2.2
4 | Summary: Library for writing distributed self-replicating programs.
5 | Home-page: https://github.com/dw/mitogen/
6 | Author: David Wilson
7 | Author-email: UNKNOWN
8 | License: New BSD
9 | Description-Content-Type: UNKNOWN
10 | Description: UNKNOWN
11 | Platform: UNKNOWN
12 | Classifier: Development Status :: 3 - Alpha
13 | Classifier: Environment :: Console
14 | Classifier: Intended Audience :: System Administrators
15 | Classifier: License :: OSI Approved :: BSD License
16 | Classifier: Operating System :: POSIX
17 | Classifier: Programming Language :: Python
18 | Classifier: Programming Language :: Python :: 2.4
19 | Classifier: Programming Language :: Python :: 2.5
20 | Classifier: Programming Language :: Python :: 2.6
21 | Classifier: Programming Language :: Python :: 2.7
22 | Classifier: Programming Language :: Python :: 3.6
23 | Classifier: Programming Language :: Python :: Implementation :: CPython
24 | Classifier: Topic :: System :: Distributed Computing
25 | Classifier: Topic :: System :: Systems Administration
26 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/README.md:
--------------------------------------------------------------------------------
1 |
2 | # Mitogen
3 |
4 | Please see the documentation.
5 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/plugins/mitogen-0.2.2/ansible_mitogen/__init__.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/loaders.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | """
30 | Stable names for PluginLoader instances across Ansible versions.
31 | """
32 |
33 | from __future__ import absolute_import
34 |
35 | try:
36 | from ansible.plugins.loader import action_loader
37 | from ansible.plugins.loader import connection_loader
38 | from ansible.plugins.loader import module_loader
39 | from ansible.plugins.loader import module_utils_loader
40 | from ansible.plugins.loader import strategy_loader
41 | except ImportError: # Ansible <2.4
42 | from ansible.plugins import action_loader
43 | from ansible.plugins import connection_loader
44 | from ansible.plugins import module_loader
45 | from ansible.plugins import module_utils_loader
46 | from ansible.plugins import strategy_loader
47 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/__init__.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/__init__.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_doas.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen.connection
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'mitogen_doas'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_docker.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'docker'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_jail.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'jail'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_lxc.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'lxc'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_lxd.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'lxd'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_machinectl.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen.connection
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'machinectl'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_setns.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen.connection
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'setns'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_ssh.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | DOCUMENTATION = """
33 | author: David Wilson
34 | connection: mitogen_ssh
35 | short_description: Connect over SSH via Mitogen
36 | description:
37 | - This connects using an OpenSSH client controlled by the Mitogen for
38 | Ansible extension. It accepts every option the vanilla ssh plugin
39 | accepts.
40 | version_added: "2.5"
41 | options:
42 | """
43 |
44 | try:
45 | import ansible_mitogen.connection
46 | except ImportError:
47 | base_dir = os.path.dirname(__file__)
48 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
49 | del base_dir
50 |
51 | import ansible_mitogen.connection
52 |
53 |
54 | class Connection(ansible_mitogen.connection.Connection):
55 | transport = 'ssh'
56 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_su.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen.connection
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'mitogen_su'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/connection/mitogen_sudo.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | try:
33 | import ansible_mitogen.connection
34 | except ImportError:
35 | base_dir = os.path.dirname(__file__)
36 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
37 | del base_dir
38 |
39 | import ansible_mitogen.connection
40 |
41 |
42 | class Connection(ansible_mitogen.connection.Connection):
43 | transport = 'mitogen_sudo'
44 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy/__init__.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy/mitogen.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | #
33 | # This is not the real Strategy implementation module, it simply exists as a
34 | # proxy to the real module, which is loaded using Python's regular import
35 | # mechanism, to prevent Ansible's PluginLoader from making up a fake name that
36 | # results in ansible_mitogen plugin modules being loaded twice: once by
37 | # PluginLoader with a name like "ansible.plugins.strategy.mitogen", which is
38 | # stuffed into sys.modules even though attempting to import it will trigger an
39 | # ImportError, and once under its canonical name, "ansible_mitogen.strategy".
40 | #
41 | # Therefore we have a proxy module that imports it under the real name, and
42 | # sets up the duff PluginLoader-imported module to just contain objects from
43 | # the real module, so duplicate types don't exist in memory, and things like
44 | # debuggers and isinstance() work predictably.
45 | #
46 |
47 | try:
48 | import ansible_mitogen
49 | except ImportError:
50 | base_dir = os.path.dirname(__file__)
51 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
52 | del base_dir
53 |
54 | import ansible_mitogen.strategy
55 | import ansible.plugins.strategy.linear
56 |
57 |
58 | class StrategyModule(ansible_mitogen.strategy.StrategyMixin,
59 | ansible.plugins.strategy.linear.StrategyModule):
60 | pass
61 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy/mitogen_free.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | #
33 | # This is not the real Strategy implementation module, it simply exists as a
34 | # proxy to the real module, which is loaded using Python's regular import
35 | # mechanism, to prevent Ansible's PluginLoader from making up a fake name that
36 | # results in ansible_mitogen plugin modules being loaded twice: once by
37 | # PluginLoader with a name like "ansible.plugins.strategy.mitogen", which is
38 | # stuffed into sys.modules even though attempting to import it will trigger an
39 | # ImportError, and once under its canonical name, "ansible_mitogen.strategy".
40 | #
41 | # Therefore we have a proxy module that imports it under the real name, and
42 | # sets up the duff PluginLoader-imported module to just contain objects from
43 | # the real module, so duplicate types don't exist in memory, and things like
44 | # debuggers and isinstance() work predictably.
45 | #
46 |
47 | try:
48 | import ansible_mitogen
49 | except ImportError:
50 | base_dir = os.path.dirname(__file__)
51 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
52 | del base_dir
53 |
54 | import ansible_mitogen.loaders
55 | import ansible_mitogen.strategy
56 |
57 |
58 | Base = ansible_mitogen.loaders.strategy_loader.get('free', class_only=True)
59 |
60 | class StrategyModule(ansible_mitogen.strategy.StrategyMixin, Base):
61 | pass
62 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy/mitogen_linear.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import os.path
30 | import sys
31 |
32 | #
33 | # This is not the real Strategy implementation module, it simply exists as a
34 | # proxy to the real module, which is loaded using Python's regular import
35 | # mechanism, to prevent Ansible's PluginLoader from making up a fake name that
36 | # results in ansible_mitogen plugin modules being loaded twice: once by
37 | # PluginLoader with a name like "ansible.plugins.strategy.mitogen", which is
38 | # stuffed into sys.modules even though attempting to import it will trigger an
39 | # ImportError, and once under its canonical name, "ansible_mitogen.strategy".
40 | #
41 | # Therefore we have a proxy module that imports it under the real name, and
42 | # sets up the duff PluginLoader-imported module to just contain objects from
43 | # the real module, so duplicate types don't exist in memory, and things like
44 | # debuggers and isinstance() work predictably.
45 | #
46 |
47 | try:
48 | import ansible_mitogen
49 | except ImportError:
50 | base_dir = os.path.dirname(__file__)
51 | sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
52 | del base_dir
53 |
54 | import ansible_mitogen.loaders
55 | import ansible_mitogen.strategy
56 |
57 |
58 | Base = ansible_mitogen.loaders.strategy_loader.get('linear', class_only=True)
59 |
60 | class StrategyModule(ansible_mitogen.strategy.StrategyMixin, Base):
61 | pass
62 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen.egg-info/PKG-INFO:
--------------------------------------------------------------------------------
1 | Metadata-Version: 1.1
2 | Name: mitogen
3 | Version: 0.2.2
4 | Summary: Library for writing distributed self-replicating programs.
5 | Home-page: https://github.com/dw/mitogen/
6 | Author: David Wilson
7 | Author-email: UNKNOWN
8 | License: New BSD
9 | Description-Content-Type: UNKNOWN
10 | Description: UNKNOWN
11 | Platform: UNKNOWN
12 | Classifier: Development Status :: 3 - Alpha
13 | Classifier: Environment :: Console
14 | Classifier: Intended Audience :: System Administrators
15 | Classifier: License :: OSI Approved :: BSD License
16 | Classifier: Operating System :: POSIX
17 | Classifier: Programming Language :: Python
18 | Classifier: Programming Language :: Python :: 2.4
19 | Classifier: Programming Language :: Python :: 2.5
20 | Classifier: Programming Language :: Python :: 2.6
21 | Classifier: Programming Language :: Python :: 2.7
22 | Classifier: Programming Language :: Python :: 3.6
23 | Classifier: Programming Language :: Python :: Implementation :: CPython
24 | Classifier: Topic :: System :: Distributed Computing
25 | Classifier: Topic :: System :: Systems Administration
26 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen.egg-info/SOURCES.txt:
--------------------------------------------------------------------------------
1 | README.md
2 | setup.cfg
3 | setup.py
4 | ansible_mitogen/__init__.py
5 | ansible_mitogen/connection.py
6 | ansible_mitogen/loaders.py
7 | ansible_mitogen/logging.py
8 | ansible_mitogen/mixins.py
9 | ansible_mitogen/module_finder.py
10 | ansible_mitogen/parsing.py
11 | ansible_mitogen/planner.py
12 | ansible_mitogen/process.py
13 | ansible_mitogen/runner.py
14 | ansible_mitogen/services.py
15 | ansible_mitogen/strategy.py
16 | ansible_mitogen/target.py
17 | ansible_mitogen/plugins/__init__.py
18 | ansible_mitogen/plugins/connection/__init__.py
19 | ansible_mitogen/plugins/connection/mitogen_doas.py
20 | ansible_mitogen/plugins/connection/mitogen_docker.py
21 | ansible_mitogen/plugins/connection/mitogen_jail.py
22 | ansible_mitogen/plugins/connection/mitogen_local.py
23 | ansible_mitogen/plugins/connection/mitogen_lxc.py
24 | ansible_mitogen/plugins/connection/mitogen_lxd.py
25 | ansible_mitogen/plugins/connection/mitogen_machinectl.py
26 | ansible_mitogen/plugins/connection/mitogen_setns.py
27 | ansible_mitogen/plugins/connection/mitogen_ssh.py
28 | ansible_mitogen/plugins/connection/mitogen_su.py
29 | ansible_mitogen/plugins/connection/mitogen_sudo.py
30 | ansible_mitogen/plugins/strategy/__init__.py
31 | ansible_mitogen/plugins/strategy/mitogen.py
32 | ansible_mitogen/plugins/strategy/mitogen_free.py
33 | ansible_mitogen/plugins/strategy/mitogen_linear.py
34 | mitogen/__init__.py
35 | mitogen/core.py
36 | mitogen/debug.py
37 | mitogen/doas.py
38 | mitogen/docker.py
39 | mitogen/fakessh.py
40 | mitogen/fork.py
41 | mitogen/jail.py
42 | mitogen/lxc.py
43 | mitogen/master.py
44 | mitogen/minify.py
45 | mitogen/parent.py
46 | mitogen/select.py
47 | mitogen/service.py
48 | mitogen/setns.py
49 | mitogen/ssh.py
50 | mitogen/su.py
51 | mitogen/sudo.py
52 | mitogen/unix.py
53 | mitogen/utils.py
54 | mitogen.egg-info/PKG-INFO
55 | mitogen.egg-info/SOURCES.txt
56 | mitogen.egg-info/dependency_links.txt
57 | mitogen.egg-info/not-zip-safe
58 | mitogen.egg-info/top_level.txt
59 | mitogen/compat/__init__.py
60 | mitogen/compat/functools.py
61 | mitogen/compat/pkgutil.py
62 | mitogen/compat/tokenize.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen.egg-info/dependency_links.txt:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen.egg-info/not-zip-safe:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen.egg-info/top_level.txt:
--------------------------------------------------------------------------------
1 | ansible_mitogen
2 | mitogen
3 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen/compat/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/plugins/mitogen-0.2.2/mitogen/compat/__init__.py
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen/docker.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import logging
30 |
31 | import mitogen.core
32 | import mitogen.parent
33 |
34 |
35 | LOG = logging.getLogger(__name__)
36 |
37 |
38 | class Stream(mitogen.parent.Stream):
39 | child_is_immediate_subprocess = False
40 |
41 | container = None
42 | image = None
43 | username = None
44 | docker_path = 'docker'
45 |
46 | def construct(self, container=None, image=None,
47 | docker_path=None, username=None,
48 | **kwargs):
49 | assert container or image
50 | super(Stream, self).construct(**kwargs)
51 | if container:
52 | self.container = container
53 | if image:
54 | self.image = image
55 | if docker_path:
56 | self.docker_path = docker_path
57 | if username:
58 | self.username = username
59 |
60 | def connect(self):
61 | super(Stream, self).connect()
62 | self.name = u'docker.' + (self.container or self.image)
63 |
64 | def get_boot_command(self):
65 | args = ['--interactive']
66 | if self.username:
67 | args += ['--user=' + self.username]
68 |
69 | bits = [self.docker_path]
70 | if self.container:
71 | bits += ['exec'] + args + [self.container]
72 | elif self.image:
73 | bits += ['run'] + args + ['--rm', self.image]
74 |
75 | return bits + super(Stream, self).get_boot_command()
76 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen/jail.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import logging
30 |
31 | import mitogen.core
32 | import mitogen.parent
33 |
34 |
35 | LOG = logging.getLogger(__name__)
36 |
37 |
38 | class Stream(mitogen.parent.Stream):
39 | child_is_immediate_subprocess = False
40 | create_child_args = {
41 | 'merge_stdio': True
42 | }
43 |
44 | container = None
45 | username = None
46 | jexec_path = '/usr/sbin/jexec'
47 |
48 | def construct(self, container, jexec_path=None, username=None, **kwargs):
49 | super(Stream, self).construct(**kwargs)
50 | self.container = container
51 | self.username = username
52 | if jexec_path:
53 | self.jexec_path = jexec_path
54 |
55 | def connect(self):
56 | super(Stream, self).connect()
57 | self.name = u'jail.' + self.container
58 |
59 | def get_boot_command(self):
60 | bits = [self.jexec_path]
61 | if self.username:
62 | bits += ['-U', self.username]
63 | bits += [self.container]
64 | return bits + super(Stream, self).get_boot_command()
65 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/mitogen/lxc.py:
--------------------------------------------------------------------------------
1 | # Copyright 2017, David Wilson
2 | #
3 | # Redistribution and use in source and binary forms, with or without
4 | # modification, are permitted provided that the following conditions are met:
5 | #
6 | # 1. Redistributions of source code must retain the above copyright notice,
7 | # this list of conditions and the following disclaimer.
8 | #
9 | # 2. Redistributions in binary form must reproduce the above copyright notice,
10 | # this list of conditions and the following disclaimer in the documentation
11 | # and/or other materials provided with the distribution.
12 | #
13 | # 3. Neither the name of the copyright holder nor the names of its contributors
14 | # may be used to endorse or promote products derived from this software without
15 | # specific prior written permission.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
18 | # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
21 | # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 | # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 | # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 | # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 | # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 | # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 | # POSSIBILITY OF SUCH DAMAGE.
28 |
29 | import logging
30 |
31 | import mitogen.core
32 | import mitogen.parent
33 |
34 |
35 | LOG = logging.getLogger(__name__)
36 |
37 |
38 | class Stream(mitogen.parent.Stream):
39 | child_is_immediate_subprocess = False
40 | create_child_args = {
41 | # If lxc-attach finds any of stdin, stdout, stderr connected to a TTY,
42 | # to prevent input injection it creates a proxy pty, forcing all IO to
43 | # be buffered in <4KiB chunks. So ensure stderr is also routed to the
44 | # socketpair.
45 | 'merge_stdio': True
46 | }
47 |
48 | container = None
49 | lxc_attach_path = 'lxc-attach'
50 |
51 | def construct(self, container, lxc_attach_path=None, **kwargs):
52 | super(Stream, self).construct(**kwargs)
53 | self.container = container
54 | if lxc_attach_path:
55 | self.lxc_attach_path = lxc_attach_apth
56 |
57 | def connect(self):
58 | super(Stream, self).connect()
59 | self.name = u'lxc.' + self.container
60 |
61 | def get_boot_command(self):
62 | bits = [
63 | self.lxc_attach_path,
64 | '--clear-env',
65 | '--name', self.container,
66 | '--',
67 | ]
68 | return bits + super(Stream, self).get_boot_command()
69 |
--------------------------------------------------------------------------------
/ansible/plugins/mitogen-0.2.2/setup.cfg:
--------------------------------------------------------------------------------
1 | [coverage:run]
2 | branch = true
3 | source =
4 | mitogen
5 | omit =
6 | mitogen/compat/*
7 |
8 | [flake8]
9 | ignore = E402,E128,W503,E731
10 | exclude = mitogen/compat
11 |
12 | [egg_info]
13 | tag_build =
14 | tag_date = 0
15 |
16 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | postgresql_backup_local_dir: ~postgres/backup
4 | postgresql_backup_active_dir: "{{ postgresql_backup_local_dir }}/active"
5 | postgresql_backup_mail_recipient: postgres
6 | postgresql_backup_rotate: true
7 | postgresql_user_name: postgres
8 | postgresql_user_password: mypassword
9 |
10 | postgresql_archive_wal_rsync_args: '--ignore-existing -ptg --info=skip1'
11 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/files/get_repo_rpm_release.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | """
3 | Determine the latest version of the yum repository package.
4 |
5 | usage: get_repo_rpm_version.py url distribution
6 |
7 | e.g.:
8 |
9 | get_repo_rpm_version.py http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/ centos
10 | """
11 |
12 | import re
13 | import sys
14 | import urllib2
15 |
16 | url, dist = sys.argv[1:]
17 |
18 | try:
19 | repo = urllib2.urlopen(url)
20 | except urllib2.HTTPError, e:
21 | print >>sys.stderr, "Failed to fetch directory list from %s" % url
22 | raise
23 |
24 | pg_version = url.split('/')[3]
25 | if pg_version[0] == "8" and dist != "sl":
26 | re_pattern = 'href=[\'"](pgdg-%s-%s-[\d+].noarch.rpm)[\'"]' % (dist, pg_version)
27 | else:
28 | re_pattern = 'href=[\'"](pgdg-%s%s-%s-[\d+].noarch.rpm)[\'"]' % (dist, pg_version.replace('.', ''), pg_version)
29 | match = re.findall(re_pattern, repo.read(), flags=re.I)
30 |
31 | assert match, "No matching %s pgdg repository packages found for version %s at %s" % (dist, pg_version, url)
32 |
33 | print match[0]
34 |
35 | sys.exit(0)
36 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Reload PostgreSQL
4 | service: name={{ postgresql_service_name }} state=reloaded
5 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: The Galaxy Project
4 | description: Install and manage a PostgreSQL (http://www.postgresql.org/) server.
5 | company: The Galaxy Project
6 | license: AFL v3.0
7 | min_ansible_version: 2.4
8 | platforms:
9 | - name: EL
10 | versions:
11 | - all
12 | - name: Fedora
13 | versions:
14 | - all
15 | - name: Ubuntu
16 | versions:
17 | - all
18 | - name: Debian
19 | versions:
20 | - all
21 | galaxy_tags:
22 | - database
23 | - sql
24 | - postgres
25 | - postgresql
26 | dependencies: []
27 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/tasks/backup.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Create backup directories
4 | file:
5 | owner: postgres
6 | group: postgres
7 | mode: 0750
8 | state: directory
9 | path: "{{ item }}"
10 | with_items:
11 | - "{{ postgresql_backup_local_dir }}"
12 | - "{{ postgresql_backup_local_dir }}/bin"
13 | - "{{ postgresql_backup_active_dir }}"
14 |
15 | - name: Install backup scripts
16 | template:
17 | src: "{{ item }}.j2"
18 | dest: "{{ postgresql_backup_local_dir }}/bin/{{ item }}"
19 | owner: postgres
20 | group: postgres
21 | mode: 0750
22 | with_items:
23 | - backup_working_wal.sh
24 | - archive_wal.sh
25 | - scheduled_backup.sh
26 |
27 | - name: Set WAL archive config options
28 | template:
29 | src: 20ansible_backup.conf.j2
30 | dest: "{{ postgresql_conf_dir }}/conf.d/20ansible_backup.conf"
31 | owner: postgres
32 | group: postgres
33 | backup: yes
34 | notify: Reload PostgreSQL
35 |
36 | - name: Schedule backups
37 | cron:
38 | name: "PostgreSQL Backup"
39 | cron_file: ansible_postgresql_backup
40 | user: postgres
41 | hour: "{{ postgresql_backup_hour | default(1) }}"
42 | minute: "{{ postgresql_backup_minute | default(0) }}"
43 | day: "{{ postgresql_backup_day | default(omit) }}"
44 | month: "{{ postgresql_backup_month | default(omit) }}"
45 | weekday: "{{ postgresql_backup_weekday | default(omit) }}"
46 | job: >-
47 | {{ postgresql_backup_local_dir }}/bin/scheduled_backup.sh{{
48 | ' && ' ~ postgresql_backup_post_command if postgresql_backup_post_command is defined else ''
49 | }}
50 |
51 | - name: Schedule PostgreSQL working WAL backup
52 | cron:
53 | name: "PostgreSQL WAL Backup"
54 | cron_file: ansible_postgresql_walbackup
55 | user: postgres
56 | job: "{{ postgresql_backup_local_dir }}/bin/backup_working_wal.sh"
57 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/tasks/debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Install pgdg package signing key (Debian/pgdg)
4 | apt_key:
5 | keyserver: pgp.mit.edu
6 | id: ACCC4CF8
7 | register: __postgresql_apt_key_result
8 | until: __postgresql_apt_key_result is succeeded
9 | retries: 5
10 | delay: 5
11 | when: postgresql_flavor is defined and postgresql_flavor == "pgdg"
12 |
13 | - name: Install pgdg repository (Debian/pgdg)
14 | apt_repository:
15 | repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main"
16 | update_cache: yes
17 | when: postgresql_flavor is defined and postgresql_flavor == "pgdg"
18 |
19 | - name: Install PostgreSQL (Debian)
20 | apt:
21 | name: postgresql{{ '-' ~ postgresql_version if postgresql_version is defined else '' }}
22 | register: __postgresql_apt_result
23 | until: __postgresql_apt_result is succeeded
24 | retries: 5
25 | delay: 5
26 |
27 | - name: Get installed version
28 | command: dpkg-query -f ${Version;3} --show postgresql
29 | when: postgresql_version is not defined
30 | register: __postgresql_version_query_result
31 | changed_when: false
32 |
33 | - name: Set version fact
34 | set_fact:
35 | postgresql_version: "{{ __postgresql_version_query_result.stdout.split('+') | first }}"
36 | when: postgresql_version is not defined
37 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/tasks/overwrite.yml:
--------------------------------------------------------------------------------
1 | # These run if there is not moodle database existing
2 |
3 |
4 | - name: Set Default PSQL Password
5 | command: psql -c "ALTER USER postgres WITH PASSWORD '{{postgresql_user_password}}';"
6 | become: true
7 | become_user: postgres
8 |
9 | - name: Force all existing user sessions out
10 | command: psql -c "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = 'moodle' AND pid <> pg_backend_pid();"
11 | become: true
12 | become_user: postgres
13 |
14 | - name: Delete Existing Moodle Database
15 | command: psql -c "DROP DATABASE IF EXISTS moodle;"
16 | become: true
17 | become_user: postgres
18 |
19 | - name: Create empty Moodle Database
20 | command: psql -c "create database moodle;"
21 | become: true
22 | become_user: postgres
23 |
24 | - name: Remove Moodle Dump From /tmp
25 | file:
26 | path: /tmp/moodle_database_template.dump
27 | state: absent
28 |
29 | - name: Copy Default Postgres Database Dump To /tmp
30 | template:
31 | src: "{{ item.src }}"
32 | dest: "/tmp/{{ item.dest }}"
33 | mode: 0666
34 | owner: postgres
35 | group: postgres
36 | with_items:
37 | - { src: "moodle_database_template.dump", dest: "moodle_database_template.dump" }
38 |
39 | - name: Install Default Postgres Database for Moodle
40 | command: psql -f /tmp/moodle_database_template.dump moodle
41 | become: true
42 | become_user: postgres
43 |
44 | - name: Recursively empty existing moodledata directory
45 | shell: rm -rf /var/www/moodledata/*
46 | become: true
47 | ignore_errors: yes
48 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/tasks/redhat.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Set PostgreSQL dotless version fact
4 | set_fact:
5 | __postgresql_version_dotless: "{{ postgresql_version | replace('.', '') }}"
6 | __postgresql_command_sep: "{{ postgresql_version is version('10', '>=') | ternary('-', '') }}"
7 |
8 | # Using the rpm URL format of the yum module causes Ansible to download the rpm
9 | # every time to check whether it's installed, so, don't do that.
10 | - name: Check pgdg repository package (RedHat)
11 | yum:
12 | name: "pgdg-redhat-repo"
13 | register: __postgresql_repo_pkg_installed_result
14 | ignore_errors: yes
15 |
16 | - name: Install pgdg repository package (RedHat)
17 | yum:
18 | name: >-
19 | https://download.postgresql.org/pub/repos/yum/reporpms/{{ postgresql_pgdg_shortfamilies[ansible_distribution]
20 | | default("EL") }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}/pgdg-{{
21 | postgresql_pgdg_families[ansible_distribution] | default("redhat") }}-repo-latest.noarch.rpm
22 | register: __postgresql_yum_result
23 | until: __postgresql_yum_result is succeeded
24 | retries: 5
25 | delay: 5
26 | when: __postgresql_repo_pkg_installed_result is failed
27 |
28 | #- name: Collect installed repos
29 | # yum:
30 | # list: repos
31 | # until: __postgresql_yum_repolist_result is succeeded
32 | # retries: 5
33 | # delay: 5
34 | # register: __postgresql_yum_repolist_result
35 |
36 | # Not supported (and no good workaround) until there is a solution for https://github.com/ansible/ansible/issues/41178
37 | #- name: Ensure that only the desired PostgreSQL version's repo is enabled
38 | # yum_repository:
39 | # name: item.repoid
40 | # enabled: "{{ (item.repoid == 'pgdg' ~ __postgresql_version_dotless) if item.repoid.startswith('pgdg') else item.state == 'enabled' }}"
41 | # # "{{ __postgresql_yum_repolist_result.results | selectattr('repoid', 'startswith', 'pgdg') | list }}" would be nice
42 | # # here but alas there is no `startswith` test
43 | # loop: "{{ __postgresql_yum_repolist_result.results }}"
44 |
45 | - name: Install PostgreSQL (RedHat)
46 | yum:
47 | name: postgresql{{ __postgresql_version_dotless }}-server
48 |
49 | - name: Check for pgdata directory
50 | stat:
51 | path: "{{ postgresql_pgdata }}/base"
52 | register: pgdata_stat
53 | failed_when: false
54 |
55 | - name: Initialize database (RedHat < 7)
56 | command: /sbin/service postgresql-{{ postgresql_version }} initdb
57 | args:
58 | warn: false # Use of /sbin/service is valid here, ignore lint error
59 | when: >-
60 | ansible_distribution_major_version is version(7, '<')
61 | and (pgdata_stat.stat.isdir is not defined or not pgdata_stat.stat.isdir)
62 |
63 | - name: Initialize database (RedHat >= 7)
64 | command: >-
65 | /usr/pgsql-{{ postgresql_version }}/bin/postgresql{{ __postgresql_command_sep }}{{
66 | __postgresql_version_dotless }}-setup initdb
67 | when: >-
68 | ansible_distribution_major_version is version(7, '>=')
69 | and (pgdata_stat.stat.isdir is not defined or not pgdata_stat.stat.isdir)
70 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/20ansible_backup.conf.j2:
--------------------------------------------------------------------------------
1 | ##
2 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
3 | ##
4 |
5 | {% if postgresql_backup_dir is defined and postgresql_backup_local_dir is defined %}
6 | wal_level = archive
7 | archive_mode = on
8 | archive_command = '{{ postgresql_backup_local_dir | expanduser }}/bin/archive_wal.sh "%p" "%f" main'
9 | {% endif %}
10 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/25ansible_postgresql.conf.j2:
--------------------------------------------------------------------------------
1 | ##
2 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
3 | ##
4 |
5 | {% if postgresql_conf is defined %}
6 | {% if postgresql_conf is mapping %}
7 | {% for opt in postgresql_conf | sort -%}
8 | {{ opt }} = {{ postgresql_conf[opt] }}
9 | {% endfor %}
10 | {% else %}
11 | {% for pair in postgresql_conf -%}
12 | {% for key in pair -%}
13 | {{ key }} = {{ pair[key] }}
14 | {% endfor %}
15 | {% endfor %}
16 | {% endif %}
17 | {% endif %}
18 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/archive_wal.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | ##
3 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
4 | ##
5 | #
6 | # this is invoked by postgres directly, and should be set as the
7 | # archive_command thusly:
8 | # archive_command = '/path/to/backup/bin/archive_wal.sh "%p" "%f"'
9 |
10 | full_file=$1
11 | file=$2
12 | server=`hostname`
13 |
14 | active_dir={{ postgresql_backup_active_dir }}
15 | backup_dir="{{ postgresql_backup_dir }}/current/wal"
16 | mutex={{ postgresql_backup_local_dir }}/walmutex
17 | mailto='{{ postgresql_backup_mail_recipient }}'
18 | mutex_attempts=50
19 |
20 | [ '{{ postgresql_backup_remote_rsync_path | default("None") }}' != 'None' ] && remote_rsync='--rsync-path={{ postgresql_backup_remote_rsync_path | default("None") }}' || remote_rsync=''
21 |
22 | handler()
23 | {
24 | command=$@
25 | out=`$command 2>&1`
26 | ret=$?
27 | if [ $ret -ne 0 ]; then
28 | (echo "execuing $command failed with code $ret:" ; echo "$out") | mail -s "$server: WAL archive failed" $mailto
29 | rm -f $mutex
30 | exit 1
31 | else
32 | if [ -n "$out" ]; then
33 | echo "$out"
34 | fi
35 | fi
36 | }
37 |
38 | attempt=0
39 |
40 | [ ! -d `dirname $mutex` ] && mkdir -p `dirname $mutex`
41 |
42 | while [ -f $mutex ]; do
43 | attempt=`expr $attempt + 1`
44 | if [ $attempt -gt $mutex_attempts ]; then
45 | echo "archive of WAL $file failed, timed out waiting for mutex from `cat $mutex`" | mail -s "$server: WAL archive failed" $mailto
46 | exit 1
47 | fi
48 | sleep 5
49 | done
50 |
51 | echo "archive-WAL $$" > $mutex
52 |
53 | # If rsync outputs anything to stdout, the destination already existed, which should not happen
54 | if [ -n "`handler rsync $remote_rsync {{ postgresql_archive_wal_rsync_args }} $full_file $backup_dir`" ]; then
55 | echo "$backup_dir/$file already exists, overwriting is not allowed" | mail -s "$server: WAL archive failed" $mailto
56 | rm -f $mutex
57 | exit 1
58 | fi
59 |
60 | # create an empty directory for --delete
61 | empty=`handler mktemp -d {{ postgresql_backup_local_dir }}/emptyXXXXXX`
62 |
63 | # clear the active directory
64 | handler rsync $remote_rsync -rptg --delete $empty/ $active_dir
65 |
66 | # remove the temp empty dir
67 | handler rmdir $empty
68 |
69 | # debug
70 | #echo "archive of WAL $file succeeded" | mail -s "$server: WAL archive succeeded" $mailto
71 |
72 | # exit normally
73 | rm -f $mutex
74 | exit 0
75 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/backup_working_wal.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | ##
3 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
4 | ##
5 |
6 | wal_dir='{{ postgresql_pgdata }}/{{ postgresql_version is version("10", ">=") | ternary("pg_wal", "pg_xlog") }}'
7 | backup_dir={{ postgresql_backup_active_dir }}
8 | mailto='{{ postgresql_backup_mail_recipient }}'
9 |
10 | active=`ls -1rtF $wal_dir | grep -v '/$' | tail -1`
11 |
12 | out=`scp -p $wal_dir/$active $backup_dir/$active 2>&1`
13 | ret=$?
14 |
15 | if [ $ret -ne 0 ]; then
16 | (echo "scp failed with code $ret:" ; echo "$out") | mail -s "`hostname`: WAL backup failed" $mailto
17 | fi
18 |
19 | exit $ret
20 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/pg_hba.conf.debian.j2:
--------------------------------------------------------------------------------
1 | ##
2 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
3 | ##
4 |
5 | {% if postgresql_pg_hba_local_postgres_user is not defined or postgresql_pg_hba_local_postgres_user %}
6 | # DO NOT DISABLE!
7 | # If you change this first entry you will need to make sure that the
8 | # database superuser can access the database using some other method.
9 | # Noninteractive access to all databases is required during automatic
10 | # maintenance (custom daily cronjobs, replication, and similar tasks).
11 | #
12 | # Database administrative login by Unix domain socket
13 | local all postgres peer
14 | {% endif %}
15 |
16 | {% if postgresql_pg_hba_local_socket is not defined or postgresql_pg_hba_local_socket %}
17 | # "local" is for Unix domain socket connections only
18 | local all all md5
19 | {% endif %}
20 | {% if postgresql_pg_hba_local_ipv4 is not defined or postgresql_pg_hba_local_ipv4 %}
21 | # IPv4 local connections:
22 | host all all 127.0.0.1/32 md5
23 | {% endif %}
24 | {% if postgresql_pg_hba_local_ipv6 is not defined or postgresql_pg_hba_local_ipv6 %}
25 | # IPv6 local connections:
26 | host all all ::1/128 md5
27 | {% endif %}
28 |
29 | # Entries configured in postgresql_pg_hba_conf follow
30 | {% if postgresql_pg_hba_conf is defined %}
31 | {% for line in postgresql_pg_hba_conf %}
32 | {{ line }}
33 | {% endfor %}
34 | {% endif %}
35 |
36 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/templates/pg_hba.conf.redhat.j2:
--------------------------------------------------------------------------------
1 | ##
2 | ## This file is maintained by Ansible - CHANGES WILL BE OVERWRITTEN
3 | ##
4 |
5 | {% if postgresql_pg_hba_local_socket is not defined or postgresql_pg_hba_local_socket %}
6 | # "local" is for Unix domain socket connections only
7 | local all all peer
8 | {% endif %}
9 | {% if postgresql_pg_hba_local_ipv4 is not defined or postgresql_pg_hba_local_ipv4 %}
10 | # IPv4 local connections:
11 | host all all 127.0.0.1/32 ident
12 | {% endif %}
13 | {% if postgresql_pg_hba_local_ipv6 is not defined or postgresql_pg_hba_local_ipv6 %}
14 | # IPv6 local connections:
15 | host all all ::1/128 ident
16 | {% endif %}
17 |
18 | # Entries configured in postgresql_pg_hba_conf follow
19 | {% if postgresql_pg_hba_conf is defined %}
20 | {% for line in postgresql_pg_hba_conf %}
21 | {{ line }}
22 | {% endfor %}
23 | {% endif %}
24 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/vars/debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | postgresql_pgdata_default: /var/lib/postgresql/{{ postgresql_version }}/main
4 | postgresql_conf_dir_default: /etc/postgresql/{{ postgresql_version }}/main
5 | postgresql_service_name: postgresql
6 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # maps ansible_* to the pgdg repository package name
4 | postgresql_pgdg_families:
5 | #default: redhat
6 | Fedora: fedora
7 |
8 | postgresql_pgdg_shortfamilies:
9 | #default: EL
10 | Fedora: F
11 |
--------------------------------------------------------------------------------
/ansible/roles/ansible-postgresql/vars/redhat.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | postgresql_pgdata_default: /var/lib/pgsql/{{ postgresql_version }}/data
4 | postgresql_conf_dir_default: /var/lib/pgsql/{{ postgresql_version }}/data
5 | postgresql_service_name: postgresql-{{ postgresql_version }}
6 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apty_services: []
3 | # May be updated during execution of the bootstrap role
4 | reboot_required: False
5 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/ATTiny.bat:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | if [[ -z "$1" ]]; then
3 | echo "you need to provide the hex file as a paramater to program!"
4 |
5 | else
6 | echo "${1} is the file your going to program"
7 | echo -n "Proceed? [y/n]: "
8 | read ans
9 | if [[ "$ans" == "y" || "$ans" == "Y" ]]; then
10 | if [[ -r $1 ]]; then
11 | sudo systemctl stop neo-battery-shutdown
12 | sleep 4
13 | avrdude -P /dev/spidev0.0 -c linuxspi -p t88 -U flash:w:$1
14 | sleep 2
15 | sudo systemctl restart neo-battery-shutdown
16 | echo "finished program and restart of neo-battery-shutdown"
17 | else
18 | echo "${1} is not a readable file"
19 | fi
20 | else
21 | echo "Aborting the ATTiny programming by user request"
22 | fi
23 | fi
24 |
25 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/config.txt:
--------------------------------------------------------------------------------
1 | # For more options and information see
2 | # http://rpf.io/configtxt
3 | # Some settings may impact device functionality. See link above for details
4 |
5 | # uncomment if you get no picture on HDMI for a default "safe" mode
6 | #hdmi_safe=1
7 |
8 | # uncomment this if your display has a black border of unused pixels visible
9 | # and your display can output without overscan
10 | #disable_overscan=1
11 |
12 | # uncomment the following to adjust overscan. Use positive numbers if console
13 | # goes off screen, and negative if there is too much border
14 | #overscan_left=16
15 | #overscan_right=16
16 | #overscan_top=16
17 | #overscan_bottom=16
18 |
19 | # uncomment to force a console size. By default it will be display's size minus
20 | # overscan.
21 | #framebuffer_width=1280
22 | #framebuffer_height=720
23 |
24 | # uncomment if hdmi display is not detected and composite is being output
25 | hdmi_force_hotplug=1
26 |
27 | # uncomment to force a specific HDMI mode (this will force VGA)
28 | hdmi_group=2
29 | hdmi_mode=82
30 |
31 | # uncomment to force a HDMI mode rather than DVI. This can make audio work in
32 | # DMT (computer monitor) modes
33 | hdmi_drive=2
34 |
35 | # uncomment to increase signal to HDMI, if you have interference, blanking, or
36 | # no display
37 | config_hdmi_boost=4
38 |
39 | # uncomment for composite PAL
40 | #sdtv_mode=2
41 |
42 | #uncomment to overclock the arm. 700 MHz is the default.
43 | #arm_freq=800
44 |
45 | # Uncomment some or all of these to enable the optional hardware interfaces
46 |
47 | #dtparam=i2s=on
48 | dtparam=i2c_arm=on
49 |
50 | # Uncomment this to enable infrared communication.
51 | #dtoverlay=gpio-ir,gpio_pin=17
52 | #dtoverlay=gpio-ir-tx,gpio_pin=18
53 |
54 | # Additional overlays and parameters are documented /boot/overlays/README
55 |
56 | # Enable audio (loads snd_bcm2835)
57 | dtparam=audio=on
58 |
59 | # force eeprom read set to 0 to dissable boot from trying to read Hat eeproms
60 | force_eeprom_read=0
61 |
62 | [pi4]
63 | # Enable DRM VC4 V3D driver on top of the dispmanx display stack
64 | dtoverlay=vc4-fkms-v3d
65 | max_framebuffers=2
66 | # Overclock the uSD card from 50 to 100 MHz (must use UHS Class 1 cards or better)
67 | dtoverlay=sdtweak,overclock_50=100
68 | # set boloader delay to 0 seconds
69 | boot_delay=0
70 | arm_boost=1
71 |
72 |
73 | [cm4]
74 | dtoverlay=dwc2,dr_mode=host
75 | dtparam=i2c_vc=on
76 | # Overclock the uSD card from 50 to 100 MHz (must use UHS Class 1 cards or better)
77 | dtoverlay=sdtweak,overclock_50=100
78 | # set boloader delay to 0 seconds
79 | boot_delay=0
80 | dtparam=spi=on
81 | dtparam=ant2
82 | # force use of XHCI USB 2 controller on USB-C connector
83 | otg_mode=1
84 |
85 | [pi3]
86 | # Enable DRM VC4 V3D driver on top of the dispmanx display stack
87 | dtoverlay=vc4-kms-v3d
88 | max_framebuffers=2
89 |
90 | [all]
91 | #dissable bluetooth on all systems
92 | dtoverlay=disable-bt
93 | display_auto_detect
94 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/dnsmasq.conf:
--------------------------------------------------------------------------------
1 |
2 | domain=TheWell
3 |
4 |
5 | interface=wlan0
6 | dhcp-range=10.129.0.2,10,129.0.32,255.255.255.0,30m
7 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_avahi_avahi-daemon.conf:
--------------------------------------------------------------------------------
1 | # This file is part of avahi.
2 | #
3 | # avahi is free software; you can redistribute it and/or modify it
4 | # under the terms of the GNU Lesser General Public License as
5 | # published by the Free Software Foundation; either version 2 of the
6 | # License, or (at your option) any later version.
7 | #
8 | # avahi is distributed in the hope that it will be useful, but WITHOUT
9 | # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
10 | # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
11 | # License for more details.
12 | #
13 | # You should have received a copy of the GNU Lesser General Public
14 | # License along with avahi; if not, write to the Free Software
15 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
16 | # USA.
17 |
18 | # See avahi-daemon.conf(5) for more information on this configuration
19 | # file!
20 |
21 | [server]
22 | #host-name=foo
23 | #domain-name=local
24 | #browse-domains=0pointer.de, zeroconf.org
25 | use-ipv4=yes
26 | use-ipv6=yes
27 | #allow-interfaces=eth0
28 | #deny-interfaces=eth1
29 | #check-response-ttl=no
30 | #use-iff-running=no
31 | #enable-dbus=yes
32 | #disallow-other-stacks=no
33 | allow-point-to-point=no
34 | #cache-entries-max=4096
35 | clients-max=30
36 | #objects-per-client-max=1024
37 | #entries-per-entry-group-max=32
38 | ratelimit-interval-usec=1000000
39 | ratelimit-burst=1000
40 |
41 | [wide-area]
42 | enable-wide-area=yes
43 |
44 | [publish]
45 | #disable-publishing=no
46 | #disable-user-service-publishing=no
47 | #add-service-cookie=no
48 | publish-addresses=yes
49 | publish-hinfo=no
50 | publish-workstation=no
51 | publish-domain=yes
52 | publish-dns-servers=10.129.0.2, 10.129.0.32
53 | publish-resolv-conf-dns-servers=yes
54 | #publish-aaaa-on-ipv4=yes
55 | #publish-a-on-ipv6=no
56 |
57 |
58 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_default_hostapd:
--------------------------------------------------------------------------------
1 | # Defaults for hostapd initscript
2 | #
3 | # WARNING: The DAEMON_CONF setting has been deprecated and will be removed
4 | # in future package releases.
5 | #
6 | # See /usr/share/doc/hostapd/README.Debian for information about alternative
7 | # methods of managing hostapd.
8 | #
9 | # Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
10 | # file and hostapd will be started during system boot. An example configuration
11 | # file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
12 | #
13 | #DAEMON_CONF="/etc/hostapd/hostapd.conf"
14 |
15 | # Additional daemon options to be appended to hostapd command:-
16 | # -d show more debug messages (-dd for even more)
17 | # -K include key data in debug messages
18 | # -t include timestamps in some debug messages
19 | #
20 | # Note that -B (daemon mode) and -P (pidfile) options are automatically
21 | # configured by the init.d script and must not be added to DAEMON_OPTS.
22 | #
23 | #DAEMON_OPTS=""
24 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_default_macchanger:
--------------------------------------------------------------------------------
1 | # before bringing up any network interface, run macchanger. Careful, this is
2 | # not guaranteed to prevent leaking your real MAC address before the new one
3 | # gets assigned!
4 | #
5 | ENABLE_ON_POST_UP_DOWN=true
6 |
7 |
8 | # by default, macchanger runs on all network interfaces but loopback (lo). If
9 | # you only want it to run on specific network interfaces, set them here:
10 | #
11 | ENABLE_INTERFACES="wlan0"
12 | ENABLE_INTERFACES="wlan1"
13 | DISABLE_INTERFACES="eth0"
14 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_macchanger_ifupdown.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # randomize MAC address before connecting to wifi or ethernet
4 | #
5 | # This script should always be run in if-pre-up.d, but unfortunately
6 | # NetworkManager does not run if-pre-up.d scripts before it sets up a network
7 | # connection (https://bugzilla.gnome.org/show_bug.cgi?id=387832).
8 | # if-post-down.d scripts are run, so there is a symlink to this script
9 | # there. That means when running network config from the terminal, macchanger
10 | # will be run twice, but it'll only be run in if-post-down.d when using
11 | # NetworkManager.
12 |
13 | package=macchanger
14 |
15 | . /etc/default/${package}
16 | LOGFILE=/var/log/${package}.log
17 | if [ "$ENABLE_ON_POST_UP_DOWN" != "true" ]; then
18 | echo "disabled in /etc/default/${package}" >> $LOGFILE
19 | exit
20 | fi
21 | echo "IFACE = $IFACE" >> $LOGFILE
22 |
23 | # quit if we're called for the loopback
24 | if [ "$IFACE" = lo ]; then
25 | echo "ignoring loopback" >> $LOGFILE
26 | exit 0
27 | fi
28 |
29 | # quit if we're called for the eth0
30 | if [ "$IFACE" = eth0 ]; then
31 | echo "ignoring eth0">> $LOGFILE
32 | exit 0
33 | fi
34 |
35 | ifconfig $IFACE down
36 | /usr/bin/${package} -a $IFACE >> $LOGFILE 2>&1
37 | ifconfig $IFACE up
38 |
39 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_network_if-post-down.d_macchanger:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # randomize MAC address before connecting to wifi or ethernet
4 | #
5 | # This script should always be run in if-pre-up.d, but unfortunately
6 | # NetworkManager does not run if-pre-up.d scripts before it sets up a network
7 | # connection (https://bugzilla.gnome.org/show_bug.cgi?id=387832).
8 | # if-post-down.d scripts are run, so there is a symlink to this script
9 | # there. That means when running network config from the terminal, macchanger
10 | # will be run twice, but it'll only be run in if-post-down.d when using
11 | # NetworkManager.
12 |
13 | package=macchanger
14 |
15 | . /etc/default/${package}
16 |
17 | LOGFILE=/var/log/${package}.log
18 |
19 | if [ "$ENABLE_ON_POST_UP_DOWN" != "true" ]; then
20 | echo "disabled in /etc/default/${package}" >> $LOGFILE
21 | exit
22 | fi
23 |
24 | echo "IFACE = $IFACE" >> $LOGFILE
25 |
26 | # quit if we're called for the loopback
27 | if [ "$IFACE" = lo ]; then
28 | echo "ignoring loopback" >> $LOGFILE
29 | exit 0
30 | fi
31 |
32 | # quit if we're called for the eth0
33 | if [ "$IFACE" = eth0 ]; then
34 | echo "ignoring eth0">> $LOGFILE
35 | exit 0
36 | fi
37 |
38 | ifconfig $IFACE down
39 | /usr/bin/${package} -a $IFACE >> $LOGFILE 2>&1
40 | ifconfig $IFACE up
41 |
42 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/etc_systemd_system_PxUSBm.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=PxUSBm service to monitor the web AP and assist in expansion of disk and format
3 | After=network.target
4 | StartLimitIntervalSec=0
5 |
6 | [Service]
7 | Type=simple
8 | Restart=on-failure
9 | RestartSec=10
10 | User=root
11 | ExecStart=/usr/bin/env python3 /usr/local/connectbox/bin/PxUSBm.py
12 |
13 | [Install]
14 | WantedBy=multi-user.target
15 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/ethtool:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | ETHTOOL=/sbin/ethtool
4 |
5 | test -x $ETHTOOL || exit 0
6 |
7 | [ "$IFACE" != "lo" ] || exit 0
8 |
9 | # Gather together the mixed bag of settings applied with -s/--change
10 | SETTINGS="\
11 | ${IF_ETHERNET_PORT:+ port $IF_ETHERNET_PORT}\
12 | ${IF_DRIVER_MESSAGE_LEVEL:+ msglvl $IF_DRIVER_MESSAGE_LEVEL}\
13 | "
14 | [ -z "$SETTINGS" ] || $ETHTOOL --change "$IFACE" $SETTINGS
15 |
16 | $ETHTOOL --change eth0 advertise 0x008
17 |
18 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/modules:
--------------------------------------------------------------------------------
1 | # /etc/modules: kernel modules to load at boot time
2 | #
3 | # This file contains the names of kernel modules that should be loaded
4 | # at boot time, one per line. Lines beginning with "#" are ignored
5 |
6 | i2c-dev
7 | g_serial
8 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/test_RestartWLAN.py:
--------------------------------------------------------------------------------
1 | import pexpect
2 | import time
3 | import logging
4 | import re
5 | import os
6 | from subprocess import Popen, PIPE
7 | import subprocess
8 |
9 | def RestartWLAN(b):
10 | print("In RestartWLAN()")
11 | wlanx = "wlan"+str(b)
12 | print ("wlanx->"+wlanx)
13 |
14 | cmd = "systemctl restart hostapd"
15 | rv = subprocess.call(cmd, shell=True)
16 | print("hostapd... Returned value ->", rv)
17 |
18 | cmd = "systemctl restart dnsmasq"
19 | rv = subprocess.call(cmd, shell=True)
20 | print("dmasq... Returned value ->", rv)
21 |
22 | cmd = "ifdown "+wlanx
23 | rv = subprocess.call(cmd, shell=True)
24 | print("ifdown ... Returned value ->", rv)
25 |
26 | cmd = "ifup "+wlanx
27 | rv = subprocess.call(cmd, shell=True)
28 | print("ifup... Returned value ->", rv)
29 | print("..")
30 |
31 | time.sleep(3)
32 |
33 | cmd = "iwconfig"
34 | rv = subprocess.check_output(cmd)
35 | rvs = rv.decode("utf-8")
36 | print("iwconfig Returned value ->", rvs)
37 | print("..")
38 | print(rvs)
39 |
40 | if ("802.11gn" in rvs):
41 | print ("WLAN IS UP!")
42 | else:
43 | print("WLAN not up... we need to run hostapd")
44 | cmd = "systemctl restart hostapd"
45 | rv = subprocess.call(cmd, shell=True)
46 | print("hostpad... Returned value ->", rv)
47 |
48 |
49 | exit()
50 |
51 |
52 |
53 | if __name__ == "__main__":
54 | RestartWLAN(0)
55 |
56 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/base_library.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/base_library.zip
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_bz2.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_bz2.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_cn.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_cn.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_hk.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_hk.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_iso2022.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_iso2022.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_jp.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_jp.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_kr.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_kr.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_tw.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_codecs_tw.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_contextvars.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_contextvars.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_ctypes.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_ctypes.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_decimal.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_decimal.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_hashlib.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_hashlib.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_lzma.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_lzma.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_multibytecodec.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/_multibytecodec.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/resource.cpython-39-arm-linux-gnueabihf.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/lib-dynload/resource.cpython-39-arm-linux-gnueabihf.so
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libbz2.so.1.0:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libbz2.so.1.0
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libcrypto.so.1.1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libcrypto.so.1.1
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libexpat.so.1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libexpat.so.1
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libffi.so.7:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libffi.so.7
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libgcc_s.so.1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libgcc_s.so.1
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/liblzma.so.5:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/liblzma.so.5
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libmpdec.so.3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libmpdec.so.3
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libpython3.9.so.1.0:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libpython3.9.so.1.0
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libz.so.1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poewroff_internal/libz.so.1
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poweroff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/bootstrap/files/usr_local_bin_poweroff_poweroff
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_CreateLogFiles.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # The directories /var/log/connectbox and /var/log/nginx are being
4 | # deleted ate every reboot of the ConnectBox (reason unknown)
5 | # This script will run at reboot and rebuild those files, then
6 | # restart the nginx service.
7 |
8 | if [ ! -d "/var/log/connectbox" ]
9 | then
10 | mkdir /var/log/connectbox
11 | fi
12 |
13 | if [ ! -d "/var/log/nginx" ]
14 | then
15 | mkdir /var/log/nginx
16 | fi
17 |
18 | touch /var/log/connectbox/captive_portal-access.log
19 | touch /var/log/connectbox/captive_portal-error.log
20 | touch /var/log/connectbox/connectbox-access.log
21 | touch /var/log/connectbox/connectbox-error.log
22 | touch /var/log/nginx/access.log
23 | touch /var/log/nginx/error.log
24 |
25 | systemctl restart nginx
26 |
27 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_LICENSE.txt:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 Josh Brunty
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_TestPxUSBm.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | # -*- coding: utf-8 -*-
3 |
4 | '''
5 | PxUSBm.py test for running
6 | (Partition Expansion USB mount)
7 |
8 | This module is a check of code to do veryify that PxUSBm is running. If it is not it is restarted, or attempted to be restarted.
9 | If successfull then it is happy if not unhappy
10 | '''
11 |
12 |
13 | import pexpect
14 | import time
15 | import logging
16 | import re
17 | import os
18 | from subprocess import Popen, PIPE
19 | import subprocess
20 | import io
21 | import json
22 | import sys
23 |
24 | def runcheck():
25 | process = Popen(["/bin/systemctl",'status','PxUSBm'], shell = False, stdout=PIPE, stderr=PIPE)
26 | stdout, stderr = process.communicate()
27 | serva = str(stdout)
28 | x = serva.find("Active: active")
29 | if x < 0: #we found our AP ifup service
30 | print("Ok we found the PxUSBm.service not running")
31 | logging.info("Ok we found an PxUSBm.service not running")
32 | try:
33 | print("Ok were going to try restarting the PxUSBm.service")
34 | logging.info("OK we are going to try restarting the PxUSBm.service")
35 | os.system("/bin/systemctl restart PxUSBm")
36 | time.sleep(20)
37 | process = Popen(["/bin/systemctl","status","PxUSBm"], shell=False, stdout=PIPE, stderr=PIPE)
38 | stdout, stderr = process.communicate()
39 | serva == str(stdout)
40 | x = serva.find("Active: active")
41 | if x > 0:
42 | print("Well we succeeded in restarting the PxUSBm service")
43 | logging.info("Well we succeded in restarting the PxUSBm.service")
44 | return(0) #Ok we succeeded in the restart were up and running.
45 | else:
46 | logging.info("We didn't succeed on the restart its still down")
47 | print("Well we didn't succeed on the restart of PxUSBm its still down")
48 | return(1)
49 | except:
50 | logging.info("We failed on the restart attempt of PxUSBm.service")
51 | print("We failed on the restart attempt of PxUSBm.service")
52 | return(1) #We errored out on the retry of starting the ifup@AP service
53 | else:
54 | print("PxUSBm is running")
55 | return(0)
56 |
57 |
58 | if __name__ == "__main__":
59 |
60 | runcheck()
61 |
62 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_determineBoxID.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/perl
2 |
3 | # If a box doesn't have a statically assigned MAC address, such as NEO, we need to craft a boxid (in MAC format)
4 | # that can be used for phone home
5 | # Derek Maxson, 20211115
6 |
7 | # Get eth0 MAC Address
8 | my $mac = `cat /sys/class/net/eth0/address`;
9 |
10 | # Get the second character in the string
11 | my $magicBit = substr($mac,1,1);
12 |
13 | # Evaluate if the string is indicating a "locally-administered MAC address"
14 | if ($magicBit eq "2" || $magicBit eq "6" || lc($magicBit) eq "a" || lc($magicBit) eq "e") {
15 | #print "Locally Administered\n";
16 | # Now craft new MAC from machine-id so that it won't change all the time!
17 | my $machineId = `cat /etc/machine-id`;
18 | $mac = "0a" . substr($machineId,0,10);
19 | $mac = join(':', unpack '(A2)*', $mac);
20 | }
21 |
22 | print $mac;
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_shutdown.sh:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env python3
2 | import smbus2
3 | import os
4 | from axp209 import AXP209, AXP209_ADDRESS
5 |
6 | try:
7 | axp = AXP209(10) # i2c-10 on CM4
8 | hexval = axp.bus.read_byte_data(0x14,0x10) # ATTiny there?
9 | hexval = axp.bus.read_byte_data(AXP209_ADDRESS, 0x32)
10 | hexval = hexval | 0x80
11 | print (hexval)
12 | axp.bus.write_byte_data(AXP209_ADDRESS,0x32,hexval)
13 | except:
14 | os.system("shutdown now")
15 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/files/usr_local_connectbox_bin_shutdownShell.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | source /usr/local/connectbox/battery_tool_venv/bin/activate
4 |
5 | python3 /usr/local/connectbox/bin/shutdown.sh
6 |
7 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Install PxUSBm.py
4 | copy:
5 | src: usr_local_connectbox_bin_PxUSBm.py
6 | dest: /usr/local/connectbox/bin/PxUSBm.py
7 | mode: 0755
8 |
9 | - name: Install urllib3
10 | pip:
11 | name: urllib3
12 |
13 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/templates/10-switch-role.conf.j2:
--------------------------------------------------------------------------------
1 | [Service]
2 | ExecStartPre=-/bin/sh -c "echo 2> /sys/bus/platform/devices/sunxi_usb_udc/otg_role"
3 |
4 |
--------------------------------------------------------------------------------
/ansible/roles/bootstrap/templates/brand_txt.j2:
--------------------------------------------------------------------------------
1 | {
2 | "Brand": "{{ connectbox_default_hostname }}",
3 | "enhancedInterfaceLogo": "{{ enhanced_interface_logo }}",
4 | "Image": "{{ lcd_logo }}",
5 | "Font": {{ lcd_font_size }},
6 | "pos_x": {{ lcd_x_position}},
7 | "pos_y": {{ lcd_y_position}},
8 | "Device_type": "{{ device_type }}",
9 | "usb0NoMount": {{ usbNoMount }},
10 | "lcd_pages_main": {{ lcd_pages_main }},
11 | "lcd_pages_info": {{ lcd_pages_info }},
12 | "lcd_pages_battery": {{ lcd_pages_battery }},
13 | "lcd_pages_multi_bat": {{ lcd_pages_multi_bat }},
14 | "lcd_pages_memory": {{ lcd_pages_memory }},
15 | "lcd_pages_stats_hour_one": {{ lcd_pages_stats_hour_one }},
16 | "lcd_pages_stats_hour_two": {{ lcd_pages_stats_hour_two }},
17 | "lcd_pages_stats_day_one": {{ lcd_pages_stats_day_one }},
18 | "lcd_pages_stats_day_two": {{ lcd_pages_stats_day_two }},
19 | "lcd_pages_stats_week_one": {{ lcd_pages_stats_week_one }},
20 | "lcd_pages_stats_week_two": {{ lcd_pages_stats_week_two }},
21 | "lcd_pages_stats_month_one": {{ lcd_pages_stats_month_one }},
22 | "lcd_pages_stats_month_two": {{ lcd_pages_stats_month_two }},
23 | "lcd_pages_admin": {{ lcd_pages_admin }},
24 | "Enable_MassStorage": "{{ enable_mass_storage }}",
25 | "g_device": "{{ g_device }}",
26 | "otg": "{{ otg_enable }}",
27 | "server_url": "{{ server_url }}",
28 | "server_authorization": "{{ server_authorization }}",
29 | "server_sitename": "{{ server_sitename }}",
30 | "server_siteadmin_name": "{{ server_siteadmin_name }}",
31 | "server_siteadmin_email": "{{ server_siteadmin_email }}",
32 | "server_siteadmin_phone": "{{ server_siteadmin_phone }}",
33 | "server_siteadmin_country": "{{ server_siteadmin_country }}"
34 | }
--------------------------------------------------------------------------------
/ansible/roles/captive-portal/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | captiveportal_virtualenv_dir: "/usr/local/connectbox/captive_portal_venv"
3 | captiveportal_run_directory: "/run/captiveportal"
4 | captiveportal_pid_file: "{{ captiveportal_run_directory }}/pid"
5 | captiveportal_user: _connectbox
6 | captiveportal_group: _connectbox
7 | captiveportal_log_level: "error"
8 |
--------------------------------------------------------------------------------
/ansible/roles/captive-portal/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Restart captiveportal
3 | service:
4 | name: captiveportal
5 | state: restarted
6 |
--------------------------------------------------------------------------------
/ansible/roles/captive-portal/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Make captive portal virtualenv base directory
3 | file:
4 | path: "{{ captiveportal_virtualenv_dir }}"
5 | state: directory
6 |
7 |
8 | - name: Make log file location under connectbox log directory for captive-portal
9 | file:
10 | path: "{{connectbox_log_dir}}/captive_portal-access.log"
11 | state: touch
12 |
13 | - name: Make log file location under connectbox log directory for connectbox
14 | file:
15 | path: "{{connectbox_log_dir}}/connectbox-error.log"
16 | state: touch
17 |
18 | - name: install the right version of Werkzeug tools
19 | pip:
20 | virtualenv: "{{ captiveportal_virtualenv_dir }}"
21 | virtualenv_python: python3
22 | name: Werkzeug==1.0.0
23 |
24 | - name: Setup captive portal virtualenv
25 | pip:
26 | virtualenv: "{{ captiveportal_virtualenv_dir }}"
27 | virtualenv_python: python3
28 | name: git+https://github.com/ConnectBox/simple-offline-captive-portal.git
29 | notify:
30 | - Restart captiveportal
31 |
32 | - name: Copy captive portal tempfiles definition
33 | template:
34 | src: etc_tmpfiles.d_captiveportal.conf.j2
35 | dest: /etc/tmpfiles.d/captiveportal.conf
36 |
37 | - name: Copy captiveportal systemd unit file
38 | template:
39 | src: etc_systemd_system_captiveportal.service.j2
40 | dest: /etc/systemd/system/captiveportal.service
41 | notify: Restart captiveportal
42 |
43 | - name: Enable captiveportal service
44 | service:
45 | name: captiveportal
46 | enabled: yes
47 | #state: started
48 |
--------------------------------------------------------------------------------
/ansible/roles/captive-portal/templates/etc_systemd_system_captiveportal.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=captiveportal daemon
3 | After=network.target
4 |
5 | [Service]
6 | PIDFile={{ captiveportal_pid_file }}
7 | User={{ captiveportal_user }}
8 | Group={{ captiveportal_group }}
9 | RuntimeDirectory=captiveportal
10 | WorkingDirectory={{ connectbox_log_dir }}
11 | Environment='GUNICORN_CMD_ARGS="--capture-output True"'
12 | ExecStart={{ captiveportal_virtualenv_dir }}/bin/gunicorn \
13 | --log-file - \
14 | --log-level {{ captiveportal_log_level }} \
15 | --pid {{ captiveportal_pid_file }} \
16 | --bind 127.0.0.1:{{ captiveportal_listen_port }} captiveportal:app
17 | ExecReload=/bin/kill -s HUP $MAINPID
18 | ExecStop=/bin/kill -s TERM $MAINPID
19 | PrivateTmp=true
20 |
21 | [Install]
22 | WantedBy=multi-user.target
23 |
--------------------------------------------------------------------------------
/ansible/roles/captive-portal/templates/etc_tmpfiles.d_captiveportal.conf.j2:
--------------------------------------------------------------------------------
1 | chmod {{ captiveportal_run_directory }} 0755 {{ gunicorn_user }} {{ gunicorn_group }} -
2 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | developer_mode: False
3 | # Command to run at the end of the playbook run to potentially disable
4 | # accounts and sshd
5 | final_command: ""
6 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Skip lint because there's no way that ansible-lint can know at build time
3 | # that we're legitimately use shell because of the && that is always
4 | # present when this is run.
5 | - name: Run final disabling commands
6 | shell: "'{{ final_command | quote }}'"
7 | args:
8 | warn: no
9 | when: final_command != ""
10 | tags:
11 | - skip_ansible_lint
12 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | - bootstrap
4 | - { role: hat-service, when: not aws_instance }
5 | - { role: dns-dhcp, when: not aws_instance }
6 | - { role: network-interfaces, when: not aws_instance }
7 | - { role: wifi-ap, when: not aws_instance }
8 | - { role: mikegleasonjr.firewall, when: not aws_instance }
9 | # - { role: php, when: build_moodle}
10 | # - { role: ansible-postgresql, when: build_moodle}
11 | # - { role: moodle, when: build_moodle}
12 | - { role: enhanced-content, when: enhanced_interface}
13 | - nginx
14 | - captive-portal
15 | - webserver-content
16 | - usb-content
17 | - { role: sample-content, when: not enhanced_interface}
18 | - rpi-permissions
19 | - { role: wlan-set, when: not aws_instance }
20 | - remove-lz4
21 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/templates/access-log-analyzer.conf.j2:
--------------------------------------------------------------------------------
1 | [main]
2 | # Directory to store the sqlite databases holding aggregated stats
3 | DATABASE_DIRECTORY: /usr/local/access-log-analyzer/var
4 |
5 | # Directory to write json stats files
6 | OUTPUT_DIRECTORY: /var/www/connectbox/connectbox_default
7 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/templates/connectbox.conf.j2:
--------------------------------------------------------------------------------
1 | [main]
2 | # Directory to store the sqlite databases used by connectbox service
3 | DATABASE_DIRECTORY: /usr/local/connectbox/var
4 |
--------------------------------------------------------------------------------
/ansible/roles/connectbox-pi/templates/logrotate.hourly.conf.j2:
--------------------------------------------------------------------------------
1 | {{ connectbox_log_dir }}/*.log {
2 | rotate 12
3 | missingok
4 | compress
5 | delaycompress
6 | sharedscripts
7 | create 0640 www-data adm
8 | notifempty
9 | size 1k
10 | prerotate
11 | if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
12 | run-parts /etc/logrotate.d/httpd-prerotate; \
13 | fi \
14 | endscript
15 | postrotate
16 | invoke-rc.d nginx rotate >/dev/null 2>&1
17 | /usr/local/access-log-analyzer/bin/access-log-analyzer.sh --config /usr/local/access-log-analyzer/etc/access-log-analyzer.conf {{ connectbox_access_log }}.1
18 | endscript
19 | }
20 | {{ connectbox_log_dir }}/*.json {
21 | monthly
22 | rotate 12
23 | missingok
24 | create 0640 www-data adm
25 | notifempty
26 | size 10M
27 | }
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/README.md:
--------------------------------------------------------------------------------
1 | [dnsmasq](https://en.wikipedia.org/wiki/Dnsmasq) combines a DHCP server and stand-alone DNS resolver.
2 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Make sure this does not overlap with the host WLAN ip specified
3 | # in network-interfaces/defaults/main.yml (or where-ever it might
4 | # be overridden
5 | # Assumes dhcp is being offered on the same network as the host WLAN ip
6 | dhcp_range_start: 10.129.0.2
7 | dhcp_range_end: 10.129.255.250
8 | dhcp_lease_time_secs: 14400
9 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/files/etc_default_dnsmasq:
--------------------------------------------------------------------------------
1 | # This file has five functions:
2 | # 1) to completely disable starting dnsmasq,
3 | # 2) to set DOMAIN_SUFFIX by running `dnsdomainname`
4 | # 3) to select an alternative config file
5 | # by setting DNSMASQ_OPTS to --conf-file=
6 | # 4) to tell dnsmasq to read the files in /etc/dnsmasq.d for
7 | # more configuration variables.
8 | # 5) to stop the resolvconf package from controlling dnsmasq's
9 | # idea of which upstream nameservers to use.
10 | #
11 | # Whether or not to run the dnsmasq daemon; set to 0 to disable.
12 | ENABLED=1
13 |
14 | # By default search this drop directory for configuration options.
15 | # Libvirt leaves a file here to make the system dnsmasq play nice.
16 | # Comment out this line if you don't want this. The dpkg-* are file
17 | # endings which cause dnsmasq to skip that file. This avoids pulling
18 | # in backups made by dpkg.
19 | CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
20 |
21 | # http://raspberrypi.stackexchange.com/questions/37439/proper-way-to-prevent-dnsmasq-from-overwriting-dns-server-list-supplied-by-dhcp
22 | DNSMASQ_EXCEPT=lo
23 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Copy dnsmasq configuration
3 | template:
4 | src: etc_dnsmasq.conf.j2
5 | dest: /etc/dnsmasq.conf
6 | owner: root
7 | group: root
8 | mode: 0644
9 |
10 | - name: Create dnsmasq directory
11 | file:
12 | path: /etc/dnsmasq
13 | state: directory
14 | owner: root
15 | group: root
16 | mode: 0700
17 |
18 | - name: Copy script used by dhcp-script handler
19 | template:
20 | src: process-dhcp-event.sh.j2
21 | dest: /etc/dnsmasq/process-dhcp-event.sh
22 | owner: root
23 | group: root
24 | mode: 0700
25 |
26 | # Note that the handler must do a restart instead of a reload as some of
27 | # these defaults are only read at startup
28 | - name: Create defaults for dnsmasq used when starting dnsmasq (including not adding the local machine as a resolver)
29 | copy:
30 | src: etc_default_dnsmasq
31 | dest: /etc/default/dnsmasq
32 |
33 | # This is necessary because nginx redirects to the hostname, but the hostname
34 | # is listed in /etc/hosts and associated with 127.0.0.1 (so dnsmasq uses it
35 | # when answering queries). By adding this, and the localise-queries option
36 | # to dnsmasq, we answer with the address of the wifi interface. There's no
37 | # need to do this for the ethernet interface, as we're not answering queries
38 | # on that interface (we're not even listening)
39 | - name: Add /etc/hosts entry for wifi interface
40 | lineinfile:
41 | dest: /etc/hosts
42 | line: "{{ client_facing_if_ip_address }} {{ connectbox_default_hostname }}"
43 |
44 | #- name: Add /etc/hosts entry for Moodle at learn.
45 | # lineinfile:
46 | # dest: /etc/hosts
47 | # line: "{{ client_facing_if_ip_address }} learn.{{ connectbox_default_hostname }}"
48 | # when: build_moodle
49 |
50 | # Install dnsmasq after the config files are in place.
51 | # Installation of dnsmasq starts the service, and if the config files aren't
52 | # correct when the service starts, it removes the upstream resolver from
53 | # /etc/resolv.conf, and it's necessary to restart dhclient to repopulate
54 | # /etc/resolv.conf with the upstream resolver.
55 | # Unfortunately this means we can't use the validate clause on the
56 | # dnsmasq.conf template task
57 | - name: Install dnsmasq
58 | apt:
59 | name: dnsmasq
60 | state: present
61 |
62 | - name: Stop and disable dnsmasq given it is managed as a pre-down post-up task for wlan0
63 | service:
64 | name: dnsmasq
65 | enabled: no
66 | state: stopped
67 |
68 | # No need for a followup service task, as it's automatically enabled and
69 | # started.
70 | - name: Install avahi-daemon
71 | apt:
72 | name: avahi-daemon
73 | state: present
74 |
75 | # Default is to start and enable, but let's be sure
76 | - name: Enable and start avahi-daemon
77 | service:
78 | name: avahi-daemon
79 | enabled: yes
80 | state: started
81 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/templates/etc_dnsmasq.conf.j2:
--------------------------------------------------------------------------------
1 | # Many thanks to https://www.pi-point.co.uk/closedcloud-walkthrough/
2 |
3 | # Never forward A or AAAA queries for plain names, without dots or domain
4 | # parts, to upstream nameservers. If the name is not known from /etc/hosts
5 | # or DHCP then a "not found" answer is returned.
6 | domain-needed
7 |
8 | # Run whenever there's a dhcp event
9 | dhcp-script=/etc/dnsmasq/process-dhcp-event.sh
10 |
11 | # Bogus private reverse lookups. All reverse lookups for private IP ranges
12 | # (ie 192.168.x.x, etc) which are not found in /etc/hosts or the DHCP leases
13 | # file are answered with "no such domain" rather than being forwarded
14 | # upstream.
15 | bogus-priv
16 |
17 | # Don't read /etc/resolv.conf. Get upstream servers only from the command
18 | # line or the dnsmasq configuration file.
19 | no-resolv
20 |
21 | # Return Akami addresses for Android devices to display the captive portal
22 | # They don't need to be routable, just non-private IP space
23 | {% for host in hosts_requiring_non_private_captive_portal_ip %}
24 | address=/{{ host }}/{{ non_private_captive_portal_ip }}
25 | {% endfor %}
26 |
27 | # Return the connectbox-pi address for all queries, unless they match dhcp
28 | # leases or are answered from /etc/hosts
29 | address=/#/{{ client_facing_if_ip_address }}
30 |
31 | # Set the learn.wellbox (or alternate hostname) for Moodle (DM 20210804)
32 | address=/learn.{{connectbox_default_hostname}}/{{ client_facing_if_ip_address }}
33 |
34 | # When a host is listed in /etc/hosts with multiple addresses, return the
35 | # on associated with the interface on which the query was received.
36 | localise-queries
37 |
38 | # Tell clients to cache IP addresses for 5 seconds. This overrides the
39 | # default of 0, which would place more load on this service because
40 | # queries would never be cached. By setting the TTL very low, however,
41 | # we make sure that the client's resolver won't have the bogus addresses
42 | # from this service in cache when it switches away to another WiFi network
43 | # or goes back to using a cellular service
44 | local-ttl=5
45 |
46 | # Don't log MAC addresses, as they're potentially incriminating
47 | quiet-dhcp
48 | quiet-dhcp6
49 |
50 | # Speed up DHCP by allowing it to reject unknown leases
51 | dhcp-authoritative
52 |
53 | # Don't keep a leasefile, as leases contain MAC addresses and they're
54 | # potentially incriminating
55 | leasefile-ro
56 |
57 | domain={{ hostname }}
58 |
59 | {% if developer_mode -%}
60 | # Enable only dns on the external facing interface
61 | # We provide interface=* here because dnsmasq will refuse to start (thus
62 | # causing all manner of problems) if the lan_dns_if is unavailable.
63 | # While this means that dev images might expose dhcp if someone plugs
64 | # in another interface, we're not attempting to protect for that scenario
65 | # particularly because this only applies to dev images.
66 | interface=*
67 | no-dhcp-interface={{ lan_dns_if }}
68 | {%- endif %}
69 |
70 | interface={{ client_facing_if }}
71 | dhcp-range={{ dhcp_range_start }},{{ dhcp_range_end }},{{ client_facing_if_netmask }},{{ dhcp_lease_time_secs }}
72 |
--------------------------------------------------------------------------------
/ansible/roles/dns-dhcp/templates/process-dhcp-event.sh.j2:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Arguments are of the format:
4 | # old ab:cd:ef:12:34:56 10.129.134.38 android-db8e80208810ccdd
5 |
6 | OPERATION=$1
7 | MAC=$2
8 | IP=$3
9 | CLIENT_NAME=$4
10 | # We cannot guarantee that the endpoint will be available when we want to
11 | # invoke this script (this script runs with an 'init' event at dnsmasq
12 | # startup, so we ignore the exit status from curl. We don't care for it
13 | # anyway, so that's no great loss.
14 | curl -d "dhcp_ip=$3" -d "operation=$1" http://127.0.0.1/handle_dhcp_event || true
15 |
--------------------------------------------------------------------------------
/ansible/roles/enhanced-content/defaults/main.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/enhanced-content/defaults/main.yml
--------------------------------------------------------------------------------
/ansible/roles/enhanced-content/files/bin_connectboxmanage:
--------------------------------------------------------------------------------
1 | #!/usr/bin/perl
2 |
3 | # A proxy to give easy command line access to connectbox-manage cli
4 |
5 | my ($command,$key,$value) = @ARGV;
6 | system("cd /var/www/enhanced/connectbox-manage/src && ./clientcli.py $command $key $value");
7 |
--------------------------------------------------------------------------------
/ansible/roles/enhanced-content/files/connectbox_enhanced.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/enhanced-content/files/connectbox_enhanced.json
--------------------------------------------------------------------------------
/ansible/roles/enhanced-content/handlers/main.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/enhanced-content/handlers/main.yml
--------------------------------------------------------------------------------
/ansible/roles/hat-service/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hat_service_virtualenv_dir: /usr/local/connectbox/battery_tool_venv
3 |
--------------------------------------------------------------------------------
/ansible/roles/hat-service/files/radxa_CM3.py:
--------------------------------------------------------------------------------
1 | # -*- coding: utf-8 -*-
2 | # Copyright (c) 2018 Richard Hull & Contributors
3 | # See LICENSE.md for details.
4 |
5 | # copied and modified by JRA - 073123
6 |
7 | """
8 | Alternative pin mappings for Radxa Zero
9 | (see https://wiki.radxa.com/Zero/hardware/gpio)
10 |
11 | Usage:
12 |
13 | .. code:: python
14 | import radxa.CM3
15 | from RPi import GPIO
16 |
17 | GPIO.setmode(radxa.CM3.BOARD) or GPIO.setmode(radxa.CM3.BCM)
18 | """
19 |
20 | # Formula for converting from GPIOx_yz go IO number:
21 | # IO = 32 * x + 8 * y + z
22 | # where y = 0,1,2,3 for A,B,C,D
23 |
24 | # Radxa CM3 physical board pin to GPIO pin
25 | BOARD = {
26 | 3: 14, # GPIO0_B6 |
27 | 5: 13, # GPIO0_B5 |
28 | 7: 125, # GPIO3_D5 |
29 | 8: 25, # GPIO0_D1 |
30 | 10: 24, # GPIO0_D0 |
31 | 11: 23, # GPIO0_C7 |
32 | 12: 119, # GPIO3_C7 |
33 | 13: 15, # GPIO0_B7 |
34 | 15: 19, # GPIO0_C3 |
35 | 16: 124, # GPIO3_D4 |
36 | 18: 123, # GPIO3_D3 |
37 | 19: 138, # GPIO4_B2 |
38 | 21: 136, # GPIO4_B0 |
39 | 22: 118, # GPIO3_C6 |
40 | 23: 139, # GPIO4_B3 |
41 | 24: 134, # GPIO4_A6 |
42 | 27: 140, # GPIO4_B4 |
43 | 28: 141, # GPIO4_B5 |
44 | 29: 137, # GPIO4_B1 |
45 | 31: 21, # GPIO0_C5 |
46 | 32: 144, # GPIO4_C0 |
47 | 33: 22, # GPIO0_C6 |
48 | 35: 120, # GPIO3_D0 |
49 | 36: 135, # GPIO4_A7 |
50 | 37: 18, # GPIO0_C2 |
51 | 38: 122, # GPIO3_D2 |
52 | 40: 121, # GPIO3_D1 |
53 | }
54 |
55 | # No reason for BCM mapping, keeping it for compatibility
56 | BCM = BOARD
57 |
--------------------------------------------------------------------------------
/ansible/roles/hat-service/files/radxa___init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/hat-service/files/radxa___init__.py
--------------------------------------------------------------------------------
/ansible/roles/hat-service/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: restart neo battery shutdown service
4 | systemd:
5 | name: "{{ hat_service_name }}"
6 | daemon_reload: yes
7 | state: restarted
8 |
9 | - name: remove build and files
10 | file:
11 | path: /home/*
12 | state: absent
13 |
14 |
15 | - name: get rigd of gcc
16 | apt:
17 | name: gcc
18 | state: absent
19 |
--------------------------------------------------------------------------------
/ansible/roles/hat-service/templates/neo-battery-shutdown.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=ConnectBox NEO Battery Shutdown Service
3 | After=network.target
4 | # pa-pulldown.service NOT required... now handled by RPi.GPIO calls
5 |
6 | [Service]
7 | Type=simple
8 | ExecStart={{ hat_service_virtualenv_dir }}/bin/neo_batterylevelshutdown
9 | Restart=on-failure
10 |
11 | [Install]
12 | WantedBy=basic.target
13 |
--------------------------------------------------------------------------------
/ansible/roles/hat-service/vars/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hat_service_name: neo-battery-shutdown.service
3 | # pa_pulldown no longer used as of Focal
4 | #pa_pulldown_enabler_service_name: pa-pulldown.service
5 |
--------------------------------------------------------------------------------
/ansible/roles/image-preparation/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | shutdown_in_image_preparation: True
3 | overwrite_database: false
4 |
--------------------------------------------------------------------------------
/ansible/roles/image-preparation/files/armbian-resize-filesystem.service:
--------------------------------------------------------------------------------
1 | # Armbian resize filesystem service
2 | # Resizes partition and filesystem on first/second boot
3 | # This service may block the boot process for up to 3 minutes
4 |
5 | [Unit]
6 | Description=Armbian filesystem resize
7 | Before=basic.target
8 | After=sysinit.target local-fs.target
9 | DefaultDependencies=no
10 |
11 | [Service]
12 | Type=oneshot
13 | RemainAfterExit=yes
14 | ExecStart=/usr/lib/armbian-resize-filesystem start
15 | TimeoutStartSec=6min
16 |
17 | [Install]
18 | WantedBy=basic.target
19 |
--------------------------------------------------------------------------------
/ansible/roles/image-preparation/handlers/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Warn against rebooting
3 | debug:
4 | msg:
5 | - ===================================================================
6 | - Once this playbook run has finished, do not reboot the device.
7 | - If the device is rebooted, the resizing of the root filesystem
8 | - would not happen for users of the image, and their wifi regulatory
9 | - domain may be set incorrectly.
10 | - ====================================================================
11 | - .
12 | - ====================================================================
13 | - Wait until the target machine has completely shut down (no blinking
14 | - activity from on-board LEDs) before removing power!!
15 | - ====================================================================
16 |
17 | # Skip lint because there's no way that ansible-lint can know at build time
18 | # that we're legitimately use shell because of the && that is always
19 | # present when this is run.
20 | - name: Perform final shutdown
21 | shell: sleep 2 && /sbin/shutdown -h now
22 | args:
23 | warn: no
24 | async: 1
25 | poll: 0
26 | when: shutdown_in_image_preparation
27 | tags:
28 | - skip_ansible_lint
29 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/.gitignore:
--------------------------------------------------------------------------------
1 | .vagrant
2 | *~
3 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/.travis.yml:
--------------------------------------------------------------------------------
1 | ---
2 | language: python
3 | python: "2.7"
4 |
5 | install:
6 | - pip install ansible
7 |
8 | script:
9 | - ansible-playbook -i localhost, tests.yml --syntax-check
10 | - ansible-playbook -i localhost, tests.yml --connection=local --sudo
11 | - >
12 | ansible-playbook -i localhost, tests.yml --connection=local --sudo
13 | | grep -q 'changed=0.*failed=0'
14 | && (echo 'Idempotence test: pass' && exit 0)
15 | || (echo 'Idempotence test: fail' && exit 1)
16 |
17 | notifications:
18 | webhooks: https://galaxy.ansible.com/api/v1/notifications/
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/LICENSE:
--------------------------------------------------------------------------------
1 | BSD 2-Clause License
2 |
3 | Copyright (c) 2017, Mike Gleason jr Couturier
4 | All rights reserved.
5 |
6 | Redistribution and use in source and binary forms, with or without
7 | modification, are permitted provided that the following conditions are met:
8 |
9 | * Redistributions of source code must retain the above copyright notice, this
10 | list of conditions and the following disclaimer.
11 |
12 | * Redistributions in binary form must reproduce the above copyright notice,
13 | this list of conditions and the following disclaimer in the documentation
14 | and/or other materials provided with the distribution.
15 |
16 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
20 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
23 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/Vagrantfile:
--------------------------------------------------------------------------------
1 | boxes = {
2 | "ubuntu/trusty64" => {
3 | :ip => '192.168.33.10',
4 | :cpu => "2",
5 | :ram => "256"
6 | },
7 | "ubuntu/xenial64" => {
8 | :ip => '192.168.33.11',
9 | :cpu => "2",
10 | :ram => "256"
11 | },
12 | "centos/7" => {
13 | :ip => '192.168.33.12',
14 | :cpu => "2",
15 | :ram => "256"
16 | },
17 | "centos/6" => {
18 | :ip => '192.168.33.13',
19 | :cpu => "2",
20 | :ram => "256"
21 | },
22 | }
23 |
24 | Vagrant.configure("2") do |config|
25 | boxes.each do |box, options|
26 | config.vm.define box.dup.sub!("/", "-") do |machine|
27 | machine.vm.box = box
28 | machine.vm.box_check_update = false
29 | machine.vm.network :private_network, ip: options[:ip]
30 |
31 | machine.vm.provider "virtualbox" do |vb|
32 | vb.memory = options[:ram]
33 | vb.cpus = options[:cpu]
34 | end
35 |
36 | machine.vm.provision "ansible" do |ansible|
37 | ansible.playbook = "tests.yml"
38 | end
39 | end
40 | end
41 | end
42 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | firewall_v4_configure: true
3 | firewall_v6_configure: false
4 |
5 | firewall_v4_flush_rules:
6 | - -F
7 | - -X
8 | - -t raw -F
9 | - -t raw -X
10 | - -t nat -F
11 | - -t nat -X
12 | - -t mangle -F
13 | - -t mangle -X
14 | firewall_v4_default_rules:
15 | 001 default policies:
16 | - -P INPUT ACCEPT
17 | - -P OUTPUT ACCEPT
18 | - -P FORWARD DROP
19 | 002 allow loopback:
20 | - -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
21 | 003 allow ping replies:
22 | - -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
23 | - -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
24 | 100 allow established related:
25 | - -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
26 | 200 allow ssh:
27 | - -A INPUT -p tcp --dport ssh -j ACCEPT
28 | 999 drop everything:
29 | - -P INPUT DROP
30 | firewall_v4_group_rules: {}
31 | firewall_v4_host_rules: {}
32 |
33 | firewall_v6_flush_rules:
34 | - -F
35 | - -X
36 | - -t raw -F
37 | - -t raw -X
38 | - -t nat -F
39 | - -t nat -X
40 | - -t mangle -F
41 | - -t mangle -X
42 | firewall_v6_default_rules:
43 | 001 default policies:
44 | - -P INPUT ACCEPT
45 | - -P OUTPUT ACCEPT
46 | - -P FORWARD DROP
47 | 002 allow loopback:
48 | - -A INPUT -i lo -s ::1/128 -d ::1/128 -j ACCEPT
49 | 003 allow ping replies:
50 | - -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT
51 | - -A OUTPUT -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
52 | 100 allow established related:
53 | - -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
54 | 200 allow ssh:
55 | - -A INPUT -p tcp --dport ssh -j ACCEPT
56 | 999 drop everything:
57 | - -P INPUT DROP
58 | firewall_v6_group_rules: {}
59 | firewall_v6_host_rules: {}
60 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/meta/.galaxy_install_info:
--------------------------------------------------------------------------------
1 | {install_date: 'Sat Oct 13 03:56:56 2018', version: 1.2.1}
2 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: Mike Gleason jr Couturier
4 | description: A role to manage iptables rules which doesn't suck.
5 | company: N/A
6 | issue_tracker_url: https://github.com/mikegleasonjr/ansible-role-firewall/issues
7 | license: BSD
8 | min_ansible_version: 1.2
9 | platforms:
10 | - name: Ubuntu
11 | versions:
12 | - all
13 | - name: Debian
14 | versions:
15 | - all
16 | - name: EL
17 | versions:
18 | - all
19 | categories:
20 | - networking
21 | - system
22 | dependencies: []
23 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/tasks/bullseye-debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Bullseye load iptables
3 | apt:
4 | name: iptables
5 | state: present
6 | when: OS_Version == 'bullseye'
7 |
8 | - name: Set Legacy Mode
9 | command: update-alternatives --set iptables /usr/sbin/iptables-legacy
10 | command: update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
11 | when: OS_Version == 'bullseye'
12 |
13 |
14 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - include_tasks: bullseye-debian.yml
3 | when: OS_Version == 'bullseye'
4 |
5 | - include_tasks: rules.yml
6 |
7 | - include_tasks: persist-debian.yml
8 | when: ansible_os_family == 'Debian' or connectbox_os == 'raspbian'
9 |
10 | #- include_tasks: persist-redhat.yml
11 | # when: ansible_os_family == 'RedHat'
12 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/tasks/persist-debian.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Remove any obsolete scripts used by an old version of the role
3 | file: path={{ item }} state=absent
4 | with_items:
5 | - /etc/network/if-post-down.d/iptables-v4
6 | - /etc/network/if-pre-up.d/iptables-v4
7 | - /etc/iptables.v4.saved
8 |
9 | - name: make sure the resolv.conf file is setup
10 | command: echo 'nameserver 8.8.8.8' >> /etc/resolv.conf
11 |
12 |
13 | - name: Install iptables-persistent
14 | apt: name=iptables-persistent state=present
15 |
16 | - name: Check if netfilter-persistent is present
17 | shell: which netfilter-persistent
18 | register: is_netfilter
19 | when: v4_script is changed or v6_script is changed
20 | changed_when: false
21 | ignore_errors: yes
22 | check_mode: no
23 |
24 | - name: Save rules (netfilter-persistent)
25 | command: netfilter-persistent save
26 | when: not ansible_check_mode and (v4_script is changed or v6_script is changed) and is_netfilter.rc == 0
27 |
28 | - name: Save rules (iptables-persistent)
29 | command: /etc/init.d/iptables-persistent save
30 | when: not ansible_check_mode and (v4_script is changed or v6_script is changed) and is_netfilter.rc == 1
31 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/tasks/rules.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate v4 rules
3 | template: src=generated.v4.j2 dest=/etc/iptables.v4.generated owner=root group=root mode=755
4 | register: v4_script
5 | when: firewall_v4_configure
6 |
7 | - name: Fix invalid parameter errors
8 | command: "update-alternatives --set iptables /usr/sbin/iptables-legacy"
9 |
10 | - name: Load v4 rules
11 | command: /etc/iptables.v4.generated
12 | register: v4_script_load_result
13 | failed_when: >-
14 | v4_script_load_result.rc != 0 or
15 | 'unknown option' in v4_script_load_result.stderr or
16 | 'Table does not exist' in v4_script_load_result.stderr
17 | when: v4_script is changed
18 |
19 | - name: Generate v6 rules
20 | template: src=generated.v6.j2 dest=/etc/iptables.v6.generated owner=root group=root mode=755
21 | register: v6_script
22 | when: firewall_v6_configure
23 |
24 | - name: Load v6 rules
25 | command: /etc/iptables.v6.generated
26 | register: v6_script_load_result
27 | failed_when: >-
28 | v6_script_load_result.rc != 0 or
29 | 'unknown option' in v6_script_load_result.stderr or
30 | 'Table does not exist' in v6_script_load_result.stderr
31 | when: v6_script is changed
32 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/templates/generated.v4.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # {{ ansible_managed }}
3 | {% set merged = firewall_v4_default_rules.copy() %}
4 | {% set _ = merged.update(firewall_v4_group_rules) %}
5 | {% set _ = merged.update(firewall_v4_host_rules) %}
6 |
7 | # flush rules
8 | {% for rule in firewall_v4_flush_rules %}
9 | iptables {{ rule }}
10 | {% endfor %}
11 |
12 | {% for group, rules in merged|dictsort %}
13 | # {{ group }}
14 | {% if not rules %}
15 | # (none)
16 | {% endif %}
17 | {% for rule in rules %}
18 | iptables {{ rule }}
19 | {% endfor %}
20 |
21 | {% endfor %}
22 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/templates/generated.v6.j2:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | # {{ ansible_managed }}
3 | {% set merged = firewall_v6_default_rules.copy() %}
4 | {% set _ = merged.update(firewall_v6_group_rules) %}
5 | {% set _ = merged.update(firewall_v6_host_rules) %}
6 |
7 | # flush rules
8 | {% for rule in firewall_v6_flush_rules %}
9 | ip6tables {{ rule }}
10 | {% endfor %}
11 |
12 | {% for group, rules in merged|dictsort %}
13 | # {{ group }}
14 | {% if not rules %}
15 | # (none)
16 | {% endif %}
17 | {% for rule in rules %}
18 | ip6tables {{ rule }}
19 | {% endfor %}
20 |
21 | {% endfor %}
22 |
--------------------------------------------------------------------------------
/ansible/roles/mikegleasonjr.firewall/tests.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - hosts: all
3 | become: true
4 |
5 | roles:
6 | - role: '{{playbook_dir}}'
7 | firewall_v6_configure: true
8 |
9 | firewall_v4_flush_rules:
10 | - -F
11 | - -X
12 | - -t raw -F
13 | - -t raw -X
14 | - -t mangle -F
15 | - -t mangle -X
16 |
17 | firewall_v4_group_rules:
18 | 400 allow http:
19 | - -A INPUT -p tcp --dport http -j ACCEPT
20 | 400 allow 7890:
21 | - -A INPUT -p tcp --dport 7890 -j ACCEPT
22 | firewall_v4_host_rules:
23 | 400 allow 7890: []
24 |
25 | firewall_v6_flush_rules:
26 | - -F
27 | - -X
28 | - -t raw -F
29 | - -t raw -X
30 | - -t mangle -F
31 | - -t mangle -X
32 |
33 | firewall_v6_group_rules:
34 | 400 allow http:
35 | - -A INPUT -p tcp --dport http -j ACCEPT
36 | 400 allow 7890:
37 | - -A INPUT -p tcp --dport 7890 -j ACCEPT
38 | firewall_v6_host_rules:
39 | 400 allow 7890: []
40 |
41 | tasks:
42 | - name: Retrieve v4 rules
43 | command: iptables -L -n
44 | changed_when: false
45 | register: v4_rules
46 | when: not ansible_check_mode
47 | - name: Check that INPUT policy has been applied
48 | assert:
49 | that: "'Chain INPUT (policy DROP' in v4_rules.stdout"
50 | when: not ansible_check_mode
51 | - name: Check that a default rule has been applied
52 | assert:
53 | that: "'tcp dpt:22' in v4_rules.stdout"
54 | when: not ansible_check_mode
55 | - name: Check that a group rule has been applied
56 | assert:
57 | that: "'tcp dpt:80' in v4_rules.stdout"
58 | when: not ansible_check_mode
59 | - name: Check that deleted rules are deleted
60 | assert:
61 | that: "'tcp dpt:7890' not in v4_rules.stdout"
62 | when: not ansible_check_mode
63 |
64 | - name: Retrieve v6 rules
65 | command: ip6tables -L -n
66 | changed_when: false
67 | register: v6_rules
68 | when: not ansible_check_mode
69 | - name: Check that INPUT policy has been applied
70 | assert:
71 | that: "'Chain INPUT (policy DROP' in v6_rules.stdout"
72 | when: not ansible_check_mode
73 | - name: Check that a default rule has been applied
74 | assert:
75 | that: "'tcp dpt:22' in v6_rules.stdout"
76 | when: not ansible_check_mode
77 | - name: Check that a group rule has been applied
78 | assert:
79 | that: "'tcp dpt:80' in v6_rules.stdout"
80 | when: not ansible_check_mode
81 | - name: Check that deleted rules are deleted
82 | assert:
83 | that: "'tcp dpt:7890' not in v6_rules.stdout"
84 | when: not ansible_check_mode
85 |
--------------------------------------------------------------------------------
/ansible/roles/moodle/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | moodle_base_directory: "/var/www/moodle"
3 |
4 | # This is the default hostname of the connectbox and Moodle will use it unless provided by env variable during Ansible install
5 | hostname: "{{ connectbox_default_hostname }}"
6 |
7 | app_download_local_filename: "the-well-v1.apk"
--------------------------------------------------------------------------------
/ansible/roles/moodle/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/roles/moodle/templates/blockcontent_content.j2:
--------------------------------------------------------------------------------
1 | {{ moodle_blockcontent }}
--------------------------------------------------------------------------------
/ansible/roles/moodle/templates/customcert.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/moodle/templates/customcert.tar.gz
--------------------------------------------------------------------------------
/ansible/roles/moodle/templates/filedir.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/moodle/templates/filedir.tar.gz
--------------------------------------------------------------------------------
/ansible/roles/moodle/templates/var_www_moodle_config_php.j2:
--------------------------------------------------------------------------------
1 | dbtype = 'pgsql';
8 | $CFG->dblibrary = 'native';
9 | $CFG->dbhost = 'localhost';
10 | $CFG->dbname = 'moodle';
11 | $CFG->dbuser = 'postgres';
12 | $CFG->dbpass = 'mypassword';
13 | $CFG->prefix = 'mdl_';
14 | $CFG->dboptions = array (
15 | 'dbpersist' => 0,
16 | 'dbport' => '',
17 | 'dbsocket' => '',
18 | );
19 |
20 | $CFG->wwwroot = 'http://learn.{{ connectbox_default_hostname | lower }}';
21 | $CFG->dataroot = '/var/www/moodledata';
22 | $CFG->admin = 'admin';
23 |
24 | $CFG->directorypermissions = 0777;
25 |
26 | // Force a debugging mode regardless the settings in the site administration
27 | // @error_reporting(E_ALL | E_STRICT); // NOT FOR PRODUCTION SERVERS!
28 | // @ini_set('display_errors', '1'); // NOT FOR PRODUCTION SERVERS!
29 | // $CFG->debug = (E_ALL | E_STRICT); // === DEBUG_DEVELOPER - NOT FOR PRODUCTION SERVERS!
30 | // $CFG->debugdisplay = 1; // NOT FOR PRODUCTION SERVERS!
31 |
32 | require_once(__DIR__ . '/lib/setup.php');
33 |
34 | // There is no php closing tag in this file,
35 | // it is intentional because it prevents trailing whitespace problems!
--------------------------------------------------------------------------------
/ansible/roles/moodle/templates/var_www_moodle_info_php.j2:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | hostname: "{{ connectbox_default_hostname }}.local"
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.0.63-v7l+/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.0.63-v7l+/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.0.63-v7l+/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.0.63-v7l+/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.103+/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.103+/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.103+/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.103+/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.63-v7l+/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.63-v7l+/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.63-v7l+/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.63-v7l+/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.92-v7l+/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.92-v7l+/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.10.92-v7l+/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.10.92-v7l+/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.15.25-sunxi/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.15.25-sunxi/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.15.25-sunxi/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.15.25-sunxi/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.15.74-sunxi/8812au.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.15.74-sunxi/8812au.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/5.15.74-sunxi/88x2bu.ko:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ansible/roles/network-interfaces/files/5.15.74-sunxi/88x2bu.ko
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/8812au-install.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/bash
2 |
3 | if [ -f /lib/modules/$(uname -r)/kernel/drivers/net/wireless/8812au.ko ];
4 | then
5 | printf "Driver rtl8812au.ko already exsists\n"
6 | else
7 | if [ -d /lib/modules/$(uname -r)/kernel/drivers/net/wireless/realtek/8xxxu ];
8 | then
9 | printf "Skipping the RTL8812au driver as it is integrated into the kernel\n"
10 | else
11 | printf "Compiling the RTL8812au driver then installing\n"
12 | reboot = "no"
13 | if [ -d ./8812au-20210820 ];
14 | then
15 | printf "Destination git directory already exsists\n"
16 | else
17 | git clone --depth 1 https://github.com/morrownr/8812au-20210820
18 | fi
19 | # alternate github repository is https://github.com/aircrack-ng/rtl8812au
20 | sudo ln -s linux $(uname -r)
21 | sudo ln -s /usr/src/linux-headers-$(uname -r) /lib/modules/$(uname -r)/build
22 | printf "\nyou running version"+"$(uname -r)\n"
23 | cd ./8812au-20210820/
24 | sed -i 's/CONFIG_PLATFORM_I386_PC = y/CONFIG_PLATFORM_I386_PC = n/g' Makefile
25 | sed -i 's/CONFIG_PLATFORM_ARM_RPI = n/CONFIG_PLATFORM_ARM_RPI = y/g' Makefile
26 | sed -i 's/CONFIG_POWER_SAVING = y/CONFIG_POWER_SAVING = n/g' Makefile
27 | printf "we check for 64 bit architecture $(uname -m)"
28 | if [ $(uname -m) == "aarch64" ]
29 | then
30 | sh ARM64_RPI.sh
31 | echo "we ran ARM64_RPI.sh"
32 | fi
33 | if [ -f install.sh ];
34 | then
35 | printf "using install.sh\n"
36 | sudo chmod +x install.sh
37 | sudo sh ./install.sh
38 | else
39 | printf "using Makefile to build\n"
40 | sudo make -j4
41 | sudo make install
42 | printf 'Make is complete ready to install\n'
43 | sudo insmod 8812au.ko
44 | sudo cp 8812au.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless/
45 | sudo depmod
46 | rm -r /tmp/8812a8-20210820
47 | fi
48 | fi
49 | fi
50 | sleep 2
51 |
52 | if [ -n "$reboot" ];
53 | then
54 | printf "system will need to be rebooted\n"
55 | fi
56 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/8852au-install.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/bash
2 |
3 | if [ -f /lib/modules/$(uname -r)/kernel/drivers/net/wireless/8852au.ko ];
4 | then
5 | printf "Driver rtl8832au already exists\n"
6 | else
7 | if [ -d /lib/modules/$(uname -r)/kernel/drivers/net/wireless/realtek/rtw89 ];
8 | then
9 | printf "Skipping the rtl8852au/rtl8832au driver as it is already integrated into the kernel\n"
10 | else
11 | printf "Compiling the rtl8852au/RTL8832au driver then installing\n"
12 | reboot = "no"
13 | if [ -d ./rtl8852au];
14 | then
15 | printf "Destination git directory already exsists\n"
16 | else
17 | git clone --depth 1 https://github.com/lwfinger/rtl8852au
18 | fi
19 | sudo ln -s linux $(uname -r)
20 | sudo ln -s /usr/src/linux-headers-$(uname -r) /lib/modules/$(uname -r)/build
21 | printf '\nyour running version $(uname -r) \n'
22 | cd ./rtl8852au/
23 | sed -i 's/CONFIG_PLATFORM_I386_PC = y/CONFIG_PLATFORM_I386_PC = n/g' Makefile
24 | sed -i 's/CONFIG_PLATFORM_NV_TK1_UBUNTU = n/CONFIG_PLATFORM_NV_TK1_UBUNTU = y/g' Makefile
25 | # if [ $(uname -m) == "aarch64" ]
26 | # then
27 | # sed -i 's/CONFIG_PLATFORM_ARM_RPI = y/CONFIG_PLATFORM_ARM_RPI = n/g' Makefile
28 | # sed -i 's/CONFIG_PLATFORM_ARM64_RPI = n/CONFIG_PLATFORM_ARM64_RPI = y/g' Makefile
29 | # printf ' We changed to 64bit compile \n'
30 | # fi
31 | if [ -f install.sh ];
32 | then
33 | printf "using install.sh\n"
34 | sudo chmod +x install.sh
35 | sudo sh ./install.sh
36 | else
37 | printf "using Makefile to build\n"
38 | sudo make -j4
39 | sudo make install
40 | printf 'Make is complete ready to install\n'
41 | sudo insmod 8852au.ko
42 | sudo cp 8852au.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless/
43 | sudo depmod
44 | fi
45 | rm -r /tmp/rtl8852au
46 | fi
47 | fi
48 |
49 | if [ -n "$reboot" ];
50 | then
51 | printf "system will need to be rebooted\n"
52 | fi
53 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/files/88x2bu-install.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/bash
2 |
3 | if [ -f /lib/modules/$(uname -r)/kernel/drivers/net/wireless/88x2bu.ko ];
4 | then
5 | printf "Driver rtl8812bu already exists\n"
6 | else
7 | if [ -d /lib/modules/$(uname -r)/kernel/drivers/net/wireless/realtek/88x2bu ];
8 | then
9 | printf "Skipping the rtl88x2bu driver as it is already integrated into the kernel\n"
10 | else
11 | printf "Compiling the RTL8812bu driver then installing\n"
12 | reboot = "no"
13 | if [ -d ./rtl88x2bu];
14 | then
15 | printf "Destination git directory already exsists\n"
16 | else
17 | git clone --depth 1 https://github.com/cilynx/rtl88x2bu
18 | fi
19 | sudo ln -s linux $(uname -r)
20 | sudo ln -s /usr/src/linux-headers-$(uname -r) /lib/modules/$(uname -r)/build
21 | printf 'you running version%s\n' "$(uname -r)"
22 | cd ./rtl88x2bu/
23 | sed -i 's/CONFIG_PLATFORM_I386_PC = y/CONFIG_PLATFORM_I386_PC = n/g' Makefile
24 | sed -i 's/CONFIG_PLATFORM_ARM_RPI = n/CONFIG_PLATFORM_ARM_RPI = y/g' Makefile
25 | sed -i 's/CONFIG_POWER_SAVING = y/CONFIG_POWER_SAVING = n/g' Makefile
26 | if [ -f install.sh ];
27 | then
28 | printf "using install.sh\n"
29 | sudo chmod +x install.sh
30 | sudo sh ./install.sh
31 | else
32 | printf "using Makefile to build\n"
33 | sudo make -j4
34 | sudo make install
35 | printf 'Make is complete ready to install\n'
36 | sudo insmod 88x2bu.ko
37 | sudo cp 88x2bu.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless/
38 | sudo depmod
39 | fi
40 | rm -r /tmp/88x2bu
41 | fi
42 | fi
43 |
44 | if [ -n "$reboot" ];
45 | then
46 | printf "system will need to be rebooted\n"
47 | fi
48 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/templates/etc_dhcp_dhclient-enter-hooks_wlan0.pl:
--------------------------------------------------------------------------------
1 | # resolvconf support for orangePi Zero2 startup of wlan0
2 | sh /usr/local/connectbox/bin/wlan0.pl &
3 |
4 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/templates/etc_dhcpcd.conf.j2:
--------------------------------------------------------------------------------
1 | # A sample configuration for dhcpcd.
2 | # See dhcpcd.conf(5) for details.
3 |
4 | # Allow users of this group to interact with dhcpcd via the control socket.
5 | #controlgroup wheel
6 |
7 | # Inform the DHCP server of our hostname for DDNS.
8 | hostname
9 |
10 | # Use the hardware address of the interface for the Client ID.
11 | clientid
12 | # or
13 | # Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
14 | # Some non-RFC compliant DHCP servers do not reply with this set.
15 | # In this case, comment out duid and enable clientid above.
16 | #duid
17 |
18 | # Persist interface configuration when dhcpcd exits.
19 | persistent
20 |
21 | # Rapid commit support.
22 | # Safe to enable by default because it requires the equivalent option set
23 | # on the server to actually work.
24 | option rapid_commit
25 |
26 | # A list of options to request from the DHCP server.
27 | option domain_name_servers, domain_name, domain_search, host_name
28 | option classless_static_routes
29 | # Respect the network MTU. This is applied to DHCP routes.
30 | option interface_mtu
31 |
32 | # Most distributions have NTP support.
33 | #option ntp_servers
34 |
35 | # A ServerID is required by RFC2131.
36 | require dhcp_server_identifier
37 |
38 | # Generate SLAAC address using the Hardware Address of the interface
39 | #slaac hwaddr
40 | # OR generate Stable Private IPv6 Addresses based from the DUID
41 | slaac private
42 |
43 | # Example static IP configuration:
44 | #interface eth0
45 | #static ip_address=192.168.0.10/24
46 | #static ip6_address=fd51:42f8:caae:d92e::ff/64
47 | #static routers=192.168.0.1
48 | #static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
49 |
50 | # It is possible to fall back to a static IP if DHCP fails:
51 | # define static profile
52 | #profile static_eth0
53 | #static ip_address=192.168.1.23/24
54 | #static routers=192.168.1.1
55 | #static domain_name_servers=192.168.1.1
56 |
57 | # fallback to static profile on eth0
58 | #interface eth0
59 | #fallback static_eth0
60 |
61 | interface {{ client_facing_if }}
62 | static ip_address=10.129.0.1
63 | denyinterfaces eth0
64 | denyinterfaces {{ eth_facing_if }}
65 |
66 |
67 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/templates/etc_network_interfaces.j2:
--------------------------------------------------------------------------------
1 | # Ansible managed
2 | #
3 | # interfaces(5) file used by ifup(8) and ifdown(8)
4 |
5 | source-directory /etc/network/interfaces.d
6 |
7 | auto lo
8 | iface lo inet loopback
9 |
10 | allow-hotplug eth0
11 | iface eth0 inet dhcp
12 |
13 | allow-hotplug wlan0
14 | iface wlan0 inet static
15 | hostapd /etc/hostapd/hostapd.conf
16 | address 10.129.0.1
17 | netmask 255.255.0.0
18 | # Need to set locale because our standard locale settings cause problems with
19 | # click, and I don't want to fix that right now. See:
20 | # https://click.palletsprojects.com/en/7.x/python3/
21 | pre-up LC_ALL=C.UTF-8 LANG=C.UTF-8 /usr/local/connectbox/wifi_configurator_venv/bin/wifi_configurator --set-country-code
22 | # Add an extra address to answer captive portal non-private range traffic
23 | # We were DNAT'ing port 80 traffic previously, but having a real interface
24 | # with the address means it can respond to ICMP and http and indeed anything
25 | # else we want without a DNAT rule for each. A complete REDIRECT instead of
26 | # DNAT affects DHCP.
27 | up ip addr add 172.217.3.174/24 dev $IFACE label $IFACE:0
28 | # dnsmasq does not always answer DHCP requests after wifi unplug/replug
29 | # so we manage it's start and stop here. We always expect wlan0 to be
30 | # running on a functioning system, so this dependency on wlan0 is not
31 | # a problem.
32 | post-up systemctl start dnsmasq
33 | pre-down systemctl stop dnsmasq
34 | down ip addr del 172.217.3.174/24 dev $IFACE label $IFACE:0
35 |
36 | # To add local wifi connectivity, substitue your wifi ssid and password (below)
37 | # (Leave these lines uncommented even if you don't want internet connectivity
38 | # as it seems that without these lines, the internet connection will take over wlan1)
39 |
40 | #CLIENTIF#
41 |
42 | allow-hotplug wlan1
43 | iface wlan1 inet dhcp
44 | wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
45 | iface default inet dhcp
46 | pre-up rm /var/run/wpa_supplicant/wlan1
47 |
48 |
--------------------------------------------------------------------------------
/ansible/roles/network-interfaces/templates/wpa_supplicant.conf.j2:
--------------------------------------------------------------------------------
1 | country={{ wireless_country_code }}
2 | ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
3 | update_config=1
4 |
5 | # This can be updated by ConnectBoxManage.sh
6 | network={
7 | ssid="{{ client_ssid }}"
8 | psk="{{ client_wifipassword }}"
9 | }
10 |
11 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | nginx_available_vhosts_path: /etc/nginx/sites-available
3 | nginx_enabled_vhosts_path: /etc/nginx/sites-enabled
4 |
5 | # Interface type (valid options)
6 | # - icon_only (default)
7 | # - static_site
8 | # If this is useful in other roles, we can define it at a higher level
9 |
10 | nginx_vhost_file_moodle: connectbox_moodle.conf
11 | nginx_vhost_file_enhanced: connectbox_enhanced.conf
12 | nginx_vhost_file_classic: connectbox_classic.conf
13 | nginx_vhost_file_icon_only: connectbox_icon-only.conf
14 | nginx_vhost_file_static_site: connectbox_static-site.conf
15 | nginx_vhost_file_captive_portal: connectbox_captive-portal.conf
16 |
17 | # Mapping interface type to the actual vhost file used by nginx
18 | interface_type_files:
19 | icon_only: "{{ nginx_vhost_file_icon_only }}"
20 | static_site: "{{ nginx_vhost_file_static_site }}"
21 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: restart nginx
3 | service:
4 | name: nginx
5 | state: restarted
6 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_captive-portal.conf.j2:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 | # added gowifi.org as preview. this is where were moving.
4 | # wi.fi is preferred, because having a domain solves some captive portal
5 | # problems on some devices (e.g. Samsung S8 Android 8.0) and browsers
6 | # (e.g. duckduckgo on Android), but go is kept because it's what we used
7 | # to have and it's simple to keep backward compatibility
8 |
9 | server_name www.gowifi.org gowifi.org gowifi.com wi.fi www.wi.fi go;
10 | location /{
11 | return 302 http://$hostname;
12 | }
13 | location /api/v2/no-cache/device-is-still-connected {
14 | return 200 http://$hostname;
15 | }
16 | }
17 |
18 | server {
19 | listen *:80 default_server;
20 |
21 | index index.html index.htm;
22 |
23 | server_name _;
24 |
25 | access_log {{ connectbox_log_dir }}/captive_portal-access.log;
26 | error_log {{ connectbox_log_dir }}/captive_portal-error.log error;
27 | rewrite_log on;
28 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
29 | proxy_set_header Host $http_host;
30 | proxy_redirect off;
31 | # Never cache
32 | expires -1;
33 |
34 | # This endpoint can force captive portal reauthentication.
35 | # Only allow it from the host itself.
36 | location /handle_dhcp_event {
37 | allow 127.0.0.1;
38 | deny all;
39 | proxy_pass http://127.0.0.1:{{ captiveportal_listen_port }};
40 | }
41 |
42 | location / {
43 | proxy_pass http://127.0.0.1:{{ captiveportal_listen_port }};
44 | }
45 |
46 | }
47 |
48 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_classic.conf.j2:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 | # Wildcard .local i.e. respond to anything that comes in on that domain
4 | # which allows us to avoid calculating the mDNS name
5 | server_name {{connectbox_default_hostname}} .local;
6 | root {{ connectbox_default_content_root }};
7 | index index.html;
8 | error_page 404 /index.html;
9 | access_log {{ connectbox_access_log }};
10 | error_log {{ connectbox_error_log }} error;
11 | rewrite_log on;
12 |
13 | {{ nginx_chat_block }}
14 | {{ nginx_admin_block }}
15 |
16 | location /admin {
17 | alias {{ connectbox_enhanced_admin_root }}/;
18 | }
19 |
20 | location /content/ {
21 | alias {{ connectbox_usb_files_root }}/;
22 | # We need to override the default index.html because that file will be
23 | # present for static sites, and if it exists, it stops the icon-only
24 | # interface from rendering
25 | index .should_not_match_anything.html;
26 | autoindex on;
27 | autoindex_format json;
28 | charset utf-8;
29 | charset_types application/json;
30 | # Never cache the indexes
31 | location ~ /$ {
32 | expires -1;
33 | }
34 | }
35 |
36 | location ~ \.json$ {
37 | expires -1;
38 | }
39 |
40 | location / {
41 | try_files $uri /index.html;
42 | }
43 | }
44 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_enhanced.conf.j2:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 | # Wildcard .local i.e. respond to anything that comes in on that domain
4 | # which allows us to avoid calculating the mDNS name
5 | server_name {{connectbox_default_hostname}} .local thewell connectbox;
6 | root {{ connectbox_enhanced_content_root }};
7 | index index.html;
8 | error_page 404 /index.html;
9 | access_log {{ connectbox_access_log }};
10 | error_log {{ connectbox_error_log }} error;
11 | rewrite_log on;
12 |
13 |
14 | {{ nginx_chat_block }}
15 | {{ nginx_admin_block }}
16 |
17 | location /admin {
18 | alias {{ connectbox_enhanced_admin_root }}/;
19 | }
20 |
21 |
22 | location /content/ {
23 | alias {{ connectbox_usb_files_root }}/;
24 | # We need to override the default index.html because that file will be
25 | # present for static sites, and if it exists, it stops the icon-only
26 | # interface from rendering
27 | index .should_not_match_anything.html;
28 | autoindex on;
29 | autoindex_format json;
30 | charset utf-8;
31 | charset_types application/json;
32 | # Never cache the indexes
33 | location ~ /$ {
34 | expires -1;
35 | }
36 | }
37 |
38 | location ~ \.json$ {
39 | expires -1;
40 | }
41 |
42 | location / {
43 | index index.html;
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_icon-only.conf.j2:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 | # Wildcard .local i.e. respond to anything that comes in on that domain
4 | # which allows us to avoid calculating the mDNS name
5 | server_name {{connectbox_default_hostname}} .local;
6 | root {{ connectbox_default_content_root }};
7 | index index.html;
8 | error_page 404 /index.html;
9 | access_log {{ connectbox_access_log }};
10 | error_log {{ connectbox_error_log }} error;
11 | rewrite_log on;
12 |
13 | {{ nginx_chat_block }}
14 | {{ nginx_admin_block }}
15 |
16 | location /content/ {
17 | alias {{ connectbox_usb_files_root }}/;
18 | # We need to override the default index.html because that file will be
19 | # present for static sites, and if it exists, it stops the icon-only
20 | # interface from rendering
21 | index .should_not_match_anything.html;
22 | autoindex on;
23 | autoindex_format json;
24 | charset utf-8;
25 | charset_types application/json;
26 | # Never cache the indexes
27 | location ~ /$ {
28 | expires -1;
29 | }
30 | }
31 |
32 | location ~ \.json$ {
33 | expires -1;
34 | }
35 |
36 | location / {
37 | try_files $uri /index.html;
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_moodle.conf.j2:
--------------------------------------------------------------------------------
1 |
2 | server {
3 | listen 80;
4 |
5 | root /var/www/moodle/;
6 | index index.php index.html index.htm;
7 |
8 | server_name learn.{{connectbox_default_hostname}} learn.thewell learn.connectbox;
9 |
10 | location / {
11 | try_files $uri $uri/ =404;
12 | }
13 |
14 | location ~ [^/]\.php(/|$) {
15 | fastcgi_split_path_info ^(.+\.php)(/.+)$;
16 | fastcgi_index index.php;
17 | include fastcgi_params;
18 | fastcgi_param PATH_INFO $fastcgi_path_info;
19 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
20 |
21 | fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock;
22 | }
23 | }
24 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/connectbox_static-site.conf.j2:
--------------------------------------------------------------------------------
1 | server {
2 | listen 80;
3 | # Wildcard .local i.e. respond to anything that comes in on that domain
4 | # which allows us to avoid calculating the mDNS name
5 | server_name {{connectbox_default_hostname}}.cb .local;
6 | root {{ connectbox_usb_files_root }};
7 | index index.html index.htm;
8 | error_page 404 /index.html;
9 | access_log {{ connectbox_access_log }};
10 | error_log {{ connectbox_error_log }} error;
11 | rewrite_log on;
12 |
13 | {{ nginx_chat_block }}
14 | {{ nginx_admin_block }}
15 |
16 | # Admin interface
17 | location /admin {
18 | alias {{ connectbox_default_content_root }};
19 | try_files $uri /admin/index.html;
20 | }
21 | }
22 |
--------------------------------------------------------------------------------
/ansible/roles/nginx/templates/nginx.conf.j2:
--------------------------------------------------------------------------------
1 | user www-data;
2 |
3 | error_log /var/log/nginx/error.log warn;
4 | pid /run/nginx.pid;
5 |
6 | worker_processes auto;
7 |
8 | events {
9 | worker_connections 1024;
10 | multi_accept off;
11 | }
12 |
13 |
14 | http {
15 |
16 | include /etc/nginx/mime.types;
17 | default_type application/octet-stream;
18 |
19 | server_names_hash_bucket_size 64;
20 |
21 | client_max_body_size 1024M;
22 |
23 | log_format main '$remote_addr - $remote_user [$time_local] "$request" '
24 | '$status $body_bytes_sent "$http_referer" '
25 | '"$http_user_agent" "$http_x_forwarded_for"';
26 |
27 | access_log /var/log/nginx/access.log main buffer=16k;
28 |
29 | sendfile on;
30 | tcp_nopush on;
31 | tcp_nodelay on;
32 |
33 | keepalive_timeout 65;
34 | keepalive_requests 100;
35 |
36 | server_tokens on;
37 |
38 | # gzip on;
39 |
40 |
41 |
42 | include /etc/nginx/conf.d/*.conf;
43 | include /etc/nginx/sites-enabled/*;
44 |
45 | }
46 |
--------------------------------------------------------------------------------
/ansible/roles/php/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | moodle_base_directory: "/var/www/moodle"
--------------------------------------------------------------------------------
/ansible/roles/php/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/roles/php/templates/etc_apt_sources_list_d_php_list.j2:
--------------------------------------------------------------------------------
1 | deb https://packages.sury.org/php/ stretch main
2 |
3 |
--------------------------------------------------------------------------------
/ansible/roles/remove-lz4/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Task to remove all *.lz4 files in /var/lib/apt/lists
3 |
4 | # Find all lz4 files,
5 | # store the list files_to_delete
6 | - name: create the lz4 delete file glob
7 | find:
8 | paths: /var/lib/apt/lists
9 | patterns: "*.lz4"
10 | register: files_to_delete
11 |
12 | # ... and use that list to loop through the delete
13 | - name: remove the file glob
14 | file:
15 | path: "{{ item.path }}"
16 | state: absent
17 | with_items: "{{ files_to_delete.files }}"
18 | no_log: True
19 |
--------------------------------------------------------------------------------
/ansible/roles/remove-lz4/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # Some build environments (ex: RPi4) do not remove lz4 files
4 | # from /var/lib/apt/lists. These are not necessary and take
5 | # up unnecessary space in the build
6 |
7 | - name: set up lz4 handler
8 | debug:
9 | msg: Queing up lz4 removal task
10 | notify:
11 | - create the lz4 delete file glob
12 | - remove the file glob
13 | changed_when: True
14 |
15 |
--------------------------------------------------------------------------------
/ansible/roles/rpi-permissions/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # This sets up permissions on certain folders in RPi so that any required
3 | # wifi edits can be done at the Home Screen rather than via terminal
4 |
5 | - name: Make the direcotry for /media/usb0
6 | file:
7 | path: /media/usb0
8 | state: directory
9 |
10 |
11 | # The usb0 directory is where content will be stored for ConnectBox
12 | # so this allows drag / drop of content to that folder
13 | - name: Changing permissions of "/media/usb0", adding a+w
14 | file: dest=/media/usb0 mode=a+w
15 | when: connectbox_os == "raspbian"
16 |
17 | # The interfaces folder is where we make changes to enable wlan0 (internal) to be
18 | # used for internet access and wlan1 (external) to be used for CB traffic
19 | - name: Changing permissions of "/etc/network/interfaces", adding a+w
20 | file: dest=/etc/network/interfaces mode=a+w
21 | when: connectbox_os == "raspbian"
22 |
23 |
24 |
25 |
--------------------------------------------------------------------------------
/ansible/roles/sample-content/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | deploy_sample_content: true
3 |
--------------------------------------------------------------------------------
/ansible/roles/sample-content/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: check for and create the media mount point
3 | file:
4 | dest: "{{ connectbox_usb_files_root }}"
5 | state: directory
6 |
7 | - block:
8 | - name: Checkout sample content
9 | git:
10 | repo: "{{ sample_content_repo }}"
11 | dest: /tmp/connectbox-sample-content
12 | depth: 1
13 | version: '{{sample_repo_rev}}'
14 | update: no
15 |
16 | - name: Place sample content at USB drive location
17 | command: rsync -a /tmp/connectbox-sample-content/content/ {{ connectbox_usb_files_root }}
18 |
19 | - name: Create throughput-test directory
20 | file:
21 | dest: "{{ connectbox_usb_files_root }}/throughput-test"
22 | state: directory
23 |
24 | - name: Create 10MB throughput-test file
25 | command: "dd if=/dev/urandom of={{ connectbox_usb_files_root }}/throughput-test/10MB.bin bs=1M count=10"
26 | args:
27 | creates: "{{ connectbox_usb_files_root }}/throughput-test/10MB.bin"
28 |
29 | - name: Create 100MB throughput-test file
30 | command: "dd if=/dev/urandom of={{ connectbox_usb_files_root }}/throughput-test/100MB.bin bs=1M count=100"
31 | args:
32 | creates: "{{ connectbox_usb_files_root }}/throughput-test/100MB.bin"
33 |
34 | when: deploy_sample_content == True
35 |
36 | - block:
37 | - name: Create instructions in web root if USB stick not mounted
38 | copy:
39 | src: ../../../../docs/administration.md
40 | dest: "{{ connectbox_usb_files_root }}/README.txt"
41 |
42 | - name: Insert context into instructions
43 | blockinfile:
44 | name: "{{ connectbox_usb_files_root }}/README.txt"
45 | insertbefore: BOF
46 | marker: "---"
47 | block: |
48 | This file will be hidden when a USB stick is inserted.
49 | The original of this file can be found at https://github.com/ConnectBox/connectbox-pi/blob/master/docs/administration.md
50 |
51 | when: ("'/media/usb0' not in ansible_mounts | map(attribute='mount')") and (connectbox_os != "raspbian")
52 |
53 | - block:
54 | - name: Create instructions in web root for RPi based CB
55 | copy:
56 | src: ../../../../docs/administration_rpi.md
57 | dest: "{{ connectbox_usb_files_root }}/README.txt"
58 |
59 | - name: Insert context into rpi instructions
60 | blockinfile:
61 | name: "{{ connectbox_usb_files_root }}/README.txt"
62 | insertbefore: BOF
63 | marker: "---"
64 | block: |
65 | The original of this file can be found at https://github.com/ConnectBox/connectbox-pi/blob/master/docs/administration_rpi.md
66 |
67 | when: connectbox_os == "raspbian"
68 |
69 |
--------------------------------------------------------------------------------
/ansible/roles/usb-content/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Reload udev rules
3 | command: udevadm control --reload-rules
4 |
5 | - name: Reload systemd-udevd unit file and restart service
6 | systemd:
7 | state: restarted
8 | daemon_reload: yes
9 | name: systemd-udevd
10 |
11 | # We can't actually remount the USB without walking all the devices
12 | # so let's just print a message (that will likely get missed)
13 | - name: Warn to remount USB
14 | debug:
15 | msg: Remove and reinsert your USB storage. Mount options have changed.
16 |
--------------------------------------------------------------------------------
/ansible/roles/usb-content/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | - name: Create drop-in directory for systemd-udevd
4 | file:
5 | path: /etc/systemd/system/systemd-udevd.service.d
6 | state: directory
7 |
8 | - name: Teach systemd-udev to expose mount points to the system
9 | copy:
10 | dest: /etc/systemd/system/systemd-udevd.service.d/mountflags.conf
11 | content: |
12 | [Service]
13 | MountFlags=shared
14 | notify:
15 | - Reload systemd-udevd unit file and restart service
16 |
17 | - name: reload systemd-udevd unit
18 | command: udevadm trigger --action=change
19 | ignore_errors: yes
20 |
21 |
--------------------------------------------------------------------------------
/ansible/roles/webserver-content/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | gunicorn_run_directory: "/run/gunicorn"
3 | gunicorn_pid_file: "{{ gunicorn_run_directory }}/pid"
4 | gunicorn_listen_port: 5000
5 | gunicorn_user: www-data
6 | gunicorn_group: www-data
7 | gunicorn_log_level: "error"
8 |
--------------------------------------------------------------------------------
/ansible/roles/webserver-content/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Restart gunicorn
3 | service:
4 | name: gunicorn
5 | state: restarted
6 |
--------------------------------------------------------------------------------
/ansible/roles/webserver-content/templates/etc_systemd_system_gunicorn.service.j2:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=gunicorn daemon
3 | After=network.target
4 |
5 | [Service]
6 | PIDFile=/run/gunicorn/pid
7 | User={{ gunicorn_user }}
8 | Group={{ gunicorn_group }}
9 | RuntimeDirectory=gunicorn
10 | WorkingDirectory={{ connectbox_app_root }}
11 | Environment='GUNICORN_CMD_ARGS="--capture-output True"'
12 | ExecStart={{ connectbox_virtualenv }}/bin/gunicorn \
13 | --log-file - \
14 | --log-level {{ gunicorn_log_level }} \
15 | --pid {{ gunicorn_pid_file }} \
16 | --bind 127.0.0.1:{{ gunicorn_listen_port }} main:app
17 | ExecReload=/bin/kill -s HUP $MAINPID
18 | ExecStop=/bin/kill -s TERM $MAINPID
19 | PrivateTmp=true
20 |
21 | [Install]
22 | WantedBy=multi-user.target
23 |
--------------------------------------------------------------------------------
/ansible/roles/webserver-content/templates/etc_tmpfiles.d_gunicorn.conf.j2:
--------------------------------------------------------------------------------
1 | d /run/gunicorn 0755 {{ gunicorn_user }} {{ gunicorn_group }} -
2 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | ssid: "{{connectbox_default_hostname}} - Free Media"
3 | wireless_channel: 1
4 | # Only used as an override. Country code is automatically set when the
5 | # wifi device comes up, and defaults to the world regulatory domain 00.
6 | # To override, set an entry based on those in the following file:
7 | # https://git.kernel.org/cgit/linux/kernel/git/sforshee/wireless-regdb.git/tree/db.txt
8 |
9 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | - network-interfaces
4 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install hostapd
3 | apt:
4 | name: hostapd
5 | state: present
6 |
7 | - name: Install crda so regulatory db is present
8 | apt:
9 | name: crda
10 | state: present
11 | when: connectbox_os == "raspbian"
12 |
13 | - name: Copy hostapd config
14 | template:
15 | src: hostapd.conf.j2
16 | dest: /etc/hostapd/hostapd.conf
17 | owner: root
18 | group: root
19 | mode: 0644
20 | register: etc_hostapd_hostapd_conf
21 |
22 | - name: Copy default hostapd
23 | template:
24 | src: etc_default_hostapd_hostapd.conf.j2
25 | dest: /etc/default/hostapd
26 | owner: root
27 | group: root
28 | mode: 0644
29 | register: etc_default_hostapd_hostapd_conf
30 |
31 | # wifi-configurator is used on configure_hostapd.sh
32 | - name: Make wifi-configurator virtualenv directory
33 | file:
34 | path: "{{ wifi_configurator_virtualenv_dir }}"
35 | state: directory
36 |
37 | - name: Setup wifi-configurator virtualenv (python3)
38 | pip:
39 | virtualenv: "{{ wifi_configurator_virtualenv_dir }}"
40 | virtualenv_python: python3
41 | name: git+https://github.com/ConnectBox/wifi-configurator.git
42 |
43 | - name: Find python path variable
44 | shell: ls {{ wifi_configurator_virtualenv_dir }}/lib
45 | register: python_ver
46 |
47 | - name: Python_ver debug
48 | debug:
49 | msg: "Python version is: {{ python_ver.stdout }}"
50 |
51 | - name: Set hostapd to correct default wlan
52 | replace:
53 | path: "{{ wifi_configurator_virtualenv_dir }}/lib/{{ python_ver.stdout }}/site-packages/wifi_configurator/cli.py"
54 | regexp: 'default="wlan0"'
55 | replace: 'default="{{ client_facing_if }}"'
56 |
57 | - name: Populate /etc/default/crda with regulatory domain override
58 | template:
59 | src: etc_default_crda.j2
60 | dest: /etc/default/crda
61 | owner: root
62 | group: root
63 | mode: 0644
64 |
65 | # We're using the ifupdown method instead of the initscript method
66 | # so this is just an ifdown and ifup operation rather than a
67 | # service reload hostapd
68 | # Note: this is not a handler because wlan0/hostapd might be broken in later steps
69 | # before the handler would be executed. This ensures that wlan0 will be up and
70 | # hostapd properly running before exiting this role.
71 | - name: Reload hostapd -- Allow ignore errors for devices without WLAN
72 | shell: "ifdown {{ client_facing_if }}; sleep 1; ifup {{ client_facing_if }}"
73 | when: etc_hostapd_hostapd_conf.changed
74 | ignore_errors: yes
75 | tags:
76 | # This task on change is intentionally not a handler; don't trigger ANSIBLE0016
77 | - skip_ansible_lint
78 |
79 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/templates/etc_default_crda.j2:
--------------------------------------------------------------------------------
1 | # Set REGDOMAIN to a ISO/IEC 3166-1 alpha2 country code so that iw(8) may set
2 | # the initial regulatory domain setting for IEEE 802.11 devices which operate
3 | # on this system.
4 | #
5 | # Governments assert the right to regulate usage of radio spectrum within
6 | # their respective territories so make sure you select a ISO/IEC 3166-1 alpha2
7 | # country code suitable for your location or you may infringe on local
8 | # legislature. See `/usr/share/zoneinfo/zone.tab' for a table of timezone
9 | # descriptions containing ISO/IEC 3166-1 alpha2 country codes.
10 |
11 | REGDOMAIN={{ wireless_country_code }}
12 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/templates/etc_default_hostapd_hostapd.conf.j2:
--------------------------------------------------------------------------------
1 | # Defaults for hostapd initscript
2 | #
3 | # See /usr/share/doc/hostapd/README.Debian for information about alternative
4 | # methods of managing hostapd.
5 | #
6 | # Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
7 | # file and hostapd will be started during system boot. An example configuration
8 | # file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
9 | #
10 | DAEMON_CONF="/etc/hostapd/hostapd.conf"
11 |
12 | # Additional daemon options to be appended to hostapd command:-
13 | # -d show more debug messages (-dd for even more)
14 | # -K include key data in debug messages
15 | # -t include timestamps in some debug messages
16 | #
17 | # Note that -B (daemon mode) and -P (pidfile) options are automatically
18 | # configured by the init.d script and must not be added to DAEMON_OPTS.
19 | #
20 | #DAEMON_OPTS=""
21 |
--------------------------------------------------------------------------------
/ansible/roles/wifi-ap/templates/hostapd.conf.j2:
--------------------------------------------------------------------------------
1 | # General configuration
2 | interface={{ client_facing_if }}
3 | logger_syslog=-1
4 | logger_syslog_level=3
5 | logger_stdout=-1
6 | logger_stdout_level=2
7 | ctrl_interface=/var/run/hostapd
8 | ctrl_interface_group=0
9 |
10 | # IEEE 802.11 related configuration
11 | ssid={{ ssid }}
12 | utf8_ssid=1
13 |
14 | country_code={{ wireless_country_code }}
15 |
16 | # Enable 802.11n (requires hw_mode=g)
17 | hw_mode=g
18 | # ieee80211n=1
19 | driver=nl80211
20 |
21 | channel={{ wireless_channel }}
22 | macaddr_acl=0 # accept unless in deny list
23 |
24 | max_num_sta=30
25 | #ap_max_inactivity = 240
26 | #dissassoc_low_ack=1
27 |
28 | ap_isolate=1
29 |
30 | # Disable non-OFDM rates given they consume disproportiately large amounts
31 | # of airtime and aren't required for modern devices
32 | supported_rates=60 90 120 180 240 360 480 540
33 | basic_rates=60 120 240
34 |
35 | # IEEE 802.11 specifies two authentication algorithms. hostapd can be
36 | # configured to allow both of these or only one. Open system authentication
37 | # should be used with IEEE 802.1X.
38 | # Bit fields of allowed authentication algorithms:
39 | # bit 0 = Open System Authentication
40 | # bit 1 = Shared Key Authentication (requires WEP)
41 | auth_algs=3
42 |
43 | ignore_broadcast_ssid=0
44 | wmm_enabled=1 # QOS
45 |
46 | ht_capab=
47 | vht_capab=
48 | ieee80211ac=0
49 | # This is the orignal Github version
50 |
51 |
--------------------------------------------------------------------------------
/ansible/roles/wlan-set/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # For RPi modules (these have internal wifi)
4 | # Use selected client_facing_if specified wlan in two files
5 | # We no longer need the update of CLI.py since we get the AP automatically.
6 | #- name: update cli.py
7 | # replace:
8 | # path: /usr/local/connectbox/wifi_configurator_venv/lib/{{ python version}}/site-packages/wifi_configurator/cli.py
9 | # regexp: 'wlan0'
10 | # replace: '{{ client_facing_if }}'
11 |
12 | - name: Get client interface name
13 | vars:
14 | wlan_data: "{{ lookup('file', '/usr/local/connectbox/wificonf.txt') }}"
15 | set_fact: client_facing_if = "{{ 'wlan' + wlan_data.split('ClientIF=')[1][0] }}"
16 |
17 | - debug:
18 | msg: "we pulled the Client Interface out as {{ client_facing_if }}"
19 |
20 | - name: update ConnectBoxManage.sh
21 | replace:
22 | path: /usr/local/connectbox/bin/ConnectBoxManage.sh
23 | regexp: 'wlan0'
24 | replace: '{{ client_facing_if }}'
25 | when: connectbox_os == "raspbian"
26 |
27 |
--------------------------------------------------------------------------------
/ansible/roles/wlan-set/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # For RPi Raspbian versions (they have internal wifi)
4 | # Use selected client_facing_if specified wlan in two files
5 |
6 | - name: queue up wlan changes
7 | debug:
8 | msg: Queing up wlan changes.
9 | changed_when: True
10 | notify:
11 | - update ConnectBoxManage.sh
12 | # - update cli.py - no longer needed at cli.py determines the wlan ports automatically.
13 | when: connectbox_os == "raspbian"
14 |
15 |
16 |
--------------------------------------------------------------------------------
/ansible/site.yml:
--------------------------------------------------------------------------------
1 | ---
2 |
3 | # Note: OS specific variables are included in the order of the hierarchy of their fork:
4 | #
5 | # Debian─┬─Ubuntu───Armbian
6 | # ├─Raspbian───Buster
7 | # | └─Bullseye
8 | # └─Armbian─┬─stretch
9 | # └─focal
10 | # └─xenial
11 | # └─Buster
12 | # └─Bullseye
13 | #
14 | # (See also https://github.com/ConnectBox/connectbox-pi/wiki/Differentiating-platform-by-ansible-variables)
15 |
16 | - hosts: all
17 | pre_tasks:
18 | - name: Include OS family variables
19 | include_vars: "group_vars/{{ ansible_os_family|lower }}"
20 | - name: Include Distribution variables
21 | include_vars: "group_vars/{{ ansible_distribution|lower }}"
22 | - name: Include Target specific variables
23 | include_vars: "group_vars/{{ ansible_lsb['id']|lower }}"
24 | - name: Include Brand Variables for brand.txt
25 | include_vars: "group_vars/brand"
26 | - name: Check for Armbian info
27 | stat:
28 | path: "/etc/armbian.txt"
29 | register: armbian_file
30 | - name: Check for Armbian Release
31 | stat:
32 | path: "/etc/armbian-release"
33 | register: armbian_release_file
34 | - name: Show aws_instance variable
35 | debug:
36 | var: aws_instance
37 | - name: Include Armbian specific variables
38 | include_vars: "group_vars/armbian"
39 | when: armbian_file.stat.exists == True or armbian_release_file.stat.exists == True
40 | # This is probably better implemented as an ansible plugin so we can support
41 | # machines with 3.x series kernels (armbian legacy)
42 | # We will get errors when this file doesn't exist (3.x series kernels) so we
43 | # ignore errors. It's ok if this is unset because we're only looking for a
44 | # string inside the registered result.
45 | - name: Register machine type
46 | command: cat /sys/firmware/devicetree/base/model
47 | register: machine_type
48 | ignore_errors: yes
49 | changed_when: False
50 | # - name: Is this a Moodle Box?
51 | # debug:
52 | # var: build_moodle
53 | become: yes
54 | roles:
55 | - connectbox-pi
56 | - { role: image-preparation, when: do_image_preparation }
57 |
--------------------------------------------------------------------------------
/ci/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | callback_whitelist = profile_tasks
3 | host_key_checking = False
4 | strategy=mitogen_linear
5 | strategy_plugins=../ansible/plugins/mitogen-0.2.2/ansible_mitogen/plugins/strategy
6 | [ssh_connection]
7 | # Necessary because EC2 host names are so long that they exceed the max
8 | # path length for the control path domain socket, with the default
9 | # control_path
10 | control_path = %(directory)s/%%h-%%r
11 | # Persist controlpath sockets for long enough for a whole playbook run
12 | # and re-run
13 | ssh_args = -o ControlPersist=15m
14 | # Go faster mode
15 | pipelining = True
16 |
--------------------------------------------------------------------------------
/ci/ci-inventory:
--------------------------------------------------------------------------------
1 | stretch.ci.connectbox.org developer_mode=True ansible_ssh_user=admin ansible_ssh_private_key_file=../ci/travis-ci-connectbox.pem connectbox_default_hostname=stretch.ci.connectbox.org
2 | ubuntu.ci.connectbox.org developer_mode=True ansible_ssh_user=ubuntu ansible_ssh_private_key_file=../ci/travis-ci-connectbox.pem connectbox_default_hostname=ubuntu.ci.connectbox.org ansible_python_interpreter=/usr/bin/python3
3 |
--------------------------------------------------------------------------------
/ci/ci-ssh-config:
--------------------------------------------------------------------------------
1 | Host stretch.ci.connectbox.org
2 | User admin
3 | IdentityFile travis-ci-connectbox.pem
4 |
5 | Host ubuntu.ci.connectbox.org
6 | User ubuntu
7 | IdentityFile travis-ci-connectbox.pem
8 |
--------------------------------------------------------------------------------
/ci/outputs.tf:
--------------------------------------------------------------------------------
1 | output "connectbox-stretch-server-public-ip" {
2 | value = "${aws_instance.connectbox-stretch-server.public_ip}"
3 | }
4 |
--------------------------------------------------------------------------------
/ci/script_run_on_pull_requests.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | # This is only run for pull requests per suggestion at:
4 | # https://docs.travis-ci.com/user/pull-requests#Pull-Requests-and-Security-Restrictions
5 |
6 | echo "Nothing to do here";
7 |
--------------------------------------------------------------------------------
/ci/travis-ci-connectbox.pem.enc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/ci/travis-ci-connectbox.pem.enc
--------------------------------------------------------------------------------
/ci/variables.tf:
--------------------------------------------------------------------------------
1 | variable "region" { default = "us-west-2" }
2 |
3 | # So that dev of CI can happen alongside real CI builds
4 | variable "ci-dns-prefix" { default = "ci" }
5 |
6 | # Seemingly required as subnets are not necessarily created in the same AZ as
7 | # the network interfaces
8 | variable "preferred_az" {
9 | default = {
10 | "us-east-1" = "us-east-1b"
11 | "ap-southeast-2" = "ap-southeast-2a"
12 | "us-west-2" = "us-west-2a"
13 | }
14 | }
15 |
16 | variable "instance_type" { default = "t2.nano" }
17 |
18 | # Debian Stretch AMIs by region
19 | variable "stretch_amis" {
20 | default = {
21 | "us-east-1" = "ami-ac5e55d7"
22 | "ap-southeast-2" = "ami-51f61333"
23 | "us-west-2" = "ami-fa18f282"
24 | }
25 | }
26 |
27 | # Ubuntu xenial AMIs by region (hvm:ebs-ssd) (instance store unsupp on nano)
28 | # From: https://cloud-images.ubuntu.com/locator/ec2/
29 | variable "ubuntu_amis" {
30 | default = {
31 | "us-east-1" = "ami-d15a75c7"
32 | "ap-southeast-2" = "ami-e94e5e8a"
33 | "us-west-2" = "ami-835b4efa"
34 | }
35 | }
36 |
37 | variable "default_vpc_cidr" { default = "10.0.0.0/16" }
38 | variable "default_subnet_cidr" { default = "10.0.1.0/24" }
39 | variable "client_facing_subnet_cidr" { default = "10.0.2.0/24" }
40 |
41 | variable "stretch_server_client_facing_ip" { default = "10.0.2.5" }
42 | variable "ubuntu_server_client_facing_ip" { default = "10.0.2.6" }
43 |
--------------------------------------------------------------------------------
/docs/administration.md:
--------------------------------------------------------------------------------
1 | # Administering a ConnectBox
2 |
3 | This document describes how to administer a ConnectBox for a purchased unit.
4 | If you built a Raspberry Pi version you should use (https://github.com/ConnectBox/connectbox-pi/docs/administration_rpi.md)
5 |
6 | # Initial Administration
7 |
8 | 1. ConnectBox comes with system software. No content is included.
9 | 2. Plug into a power source and wait 1 minute for startup.
10 | 3. Locate and join the wireless network called _ConnectBox - Free Media_
11 | 4. Navigate to the Administration area: http://connectbox/admin and login (username and password are case sensitive):
12 |
13 | - username: admin
14 | - password: connectbox
15 |
16 | 5. _Recommended_: Change the password for the Administration area. Go to the Configure Menu and select Password. Enter a new password and press submit. When you next try to change the system, you will be prompted to login again. Use the new password when that happens.
17 | 6. _Optional_: Change the name of the system (Configure -> System). This only appears in the location bar of the browser. If you change this, you will need to login again
18 | 7. _Optional_: Change the name of the wireless network. (Configure -> SSID). When you do this, you will be disconnected from the wireless network and will need to locate and join the newly named wireless network
19 | 8. _Optional_: Change the WiFi channel. (Configure -> Channel)
20 |
21 | # Content
22 |
23 | - This assumes you are placing your content on a USB stick.
24 | - The ConnectBox will display an appropriate icon for each folder on your USB stick. A folder icon can be set in one of these ways:
25 | 1. Choose an icon from the [icon list](http://fontawesome.io/icons/) and give your folder the same name as the icon. For example, if you want to use the [address book icon](http://fontawesome.io/icon/address-book), your folder should be named `address-book`
26 | 2. Name your folder what you like e.g. `people`. Choose an icon from the [icon list](http://fontawesome.io/icons/) e.g. `address-book` and create a file next to the folder called `_icon__` e.g. `_icon_people_address-book`
27 | 3. Name your folder what you like e.g. `people`. Put your own image on the USB stick, next to the folder and name it `_icon_.` where `extension` is the image type (gif, jpg, png) e.g. `_icon_people.jpg`
28 | 4. If none of the above are done, your folder will have a [default folder icon](http://fontawesome.io/icon/folder/)
29 |
30 | - When you insert your USB stick into the ConnectBox, content will automatically be visible in the ConnectBox web interface (this is http://connectbox unless the system name has been changed during Initial Administration)
31 | - To update the files on the USB stick, go to the Configure Menu in Administration area, then go to System and press "Unmount USB", then remove the USB stick from the ConnectBox
32 |
--------------------------------------------------------------------------------
/docs/administration_rpi.md:
--------------------------------------------------------------------------------
1 | # Administering a ConnectBox
2 |
3 | This document describes how to administer a ConnectBox created in an RPi environment.
4 |
5 | # Initial Administration
6 |
7 | 1. ConnectBox comes with system software. No content is included.
8 | 2. Plug into a power source and wait 1 minute for startup.
9 | 3. Locate and join the wireless network called _ConnectBox - Free Media_
10 | 4. Navigate to the Administration area: http://connectbox/admin and login (username and password are case sensitive):
11 |
12 | - username: admin
13 | - password: connectbox
14 |
15 | 5. _Recommended_: Change the password for the Administration area. Go to the Configure Menu and select Password. Enter a new password and press submit. When you next try to change the system, you will be prompted to login again. Use the new password when that happens.
16 | 6. _Optional_: Change the name of the system (Configure -> System). This only appears in the location bar of the browser. If you change this, you will need to login again
17 | 7. _Optional_: Change the name of the wireless network. (Configure -> SSID). When you do this, you will be disconnected from the wireless network and will need to locate and join the newly named wireless network
18 | 8. _Optional_: Change the WiFi channel. (Configure -> Channel)
19 |
20 | # Content
21 |
22 | - When administering an RPi based ConnectBox, your content must be manually placed in the /media/usb0 folder.
23 | - The ConnectBox will display an appropriate icon for each folder in your /media/usb0 directory. A folder icon can be set in one of these ways:
24 | 1. Choose an icon from the [icon list](http://fontawesome.io/icons/) and give your folder the same name as the icon. For example, if you want to use the [address book icon](http://fontawesome.io/icon/address-book), your folder should be named `address-book`
25 | 2. Name your folder what you like e.g. `people`. Choose an icon from the [icon list](http://fontawesome.io/icons/) e.g. `address-book` and create a file next to the folder called `_icon__` e.g. `_icon_people_address-book`
26 | 3. Name your folder what you like e.g. `people`. Put your own image on the USB stick, next to the folder and name it `_icon_.` where `extension` is the image type (gif, jpg, png) e.g. `_icon_people.jpg`
27 | 4. If none of the above are done, your folder will have a [default folder icon](http://fontawesome.io/icon/folder/)
28 |
29 | - Content from a USB stick can be directly transferred to the /media/usb0 folder using the RPi desktop file management tools.)
30 |
--------------------------------------------------------------------------------
/docs/awsinstall.md:
--------------------------------------------------------------------------------
1 | # Installing on AWS
2 |
3 | These videos will demonstrate how to build The Well on an AWS instance for development and testing purposes. You will need an AWS account and basic understanding of using AWS to find this most helpful.
4 |
5 | * Start AWS EC2 instance (a server): https://www.loom.com/share/39624989bfa5458db8d6e79141623b81?sharedAppSource=personal_library
6 | * Setup DNS for the new instance on AWS Route 53: https://www.loom.com/share/389ace3911df48f6a1c6da7920e59fac?sharedAppSource=personal_library
7 | * Initialize SSH using your key: https://www.loom.com/share/fb2e8c0e1811442bb2189762f061101d?sharedAppSource=personal_library
8 | * Run Ansible to install The Well software onto AWS instance: https://www.loom.com/share/ca558202c06047c687c6bdbb8366fa80?sharedAppSource=personal_library
9 |
10 | Example inventory file: https://github.com/ConnectBox/connectbox-pi/blob/master/ansible/inventory.example
11 |
12 | Typical Ansible command (be in the ansible directory of this repo): ansible-playbook -i inventory site.yml
13 |
--------------------------------------------------------------------------------
/docs/simplified_making_an_image.md:
--------------------------------------------------------------------------------
1 | # Create Image
2 |
3 | This is the simplified build procedure for making a SD Card master image for the Raspberry Pi Well device.
4 |
5 | * Use a new or reformatted SD Card of 8GB. Larger may be used but the burner image will not use the extra space. Future copies of the image will benefit from larger SD Cards for additional storage.
6 | * Download the latest Raspberry Pi OS Lite (Raspbian) image to your computer: https://www.raspberrypi.org/software/operating-systems/. Be certain to download and use only the Lite version.
7 | * Using Etcher (https://www.balena.io/etcher/), burn the RaspianOS image to the SD Card.
8 | * Eject and reinsert the SD Card. Using a terminal, navigate to the boot partition on the SD Card and run this command to enable SSH:
9 | ```
10 | touch ssh
11 | ```
12 | * Use a text editor to modify cmdline.txt and remove the portion that reads (this disables the partition resize on boot):
13 | ```
14 | init=/usr/lib/raspi-config/init_resize.sh
15 | ```
16 | * Eject the SD Card and place it into the Raspberry Pi device and boot the Pi. Determine the IP Address of the device (https://www.raspberrypi.org/documentation/remote-access/ip-address.md)
17 | * Navigate to the ansible directory of this repo and create an inventory file with a single configuration row like this:
18 | ```
19 | ansible_user=pi connectbox_default_hostname=thewell wireless_country_code=US do_image_preparation=true
20 | ```
21 | * Execute Ansible command to create the image:
22 | ```
23 | ansible-playbook -i INVENTORYFILEPATH site.yml
24 | ```
25 | * Ensure that the Ansible process completes to the end. The Pi will shutdown at the end of the process. Remove the SD Card. The SD card now contains a small release image for The Well!
26 | * Insert the SD Card back in the Mac / PC.
27 | * Copy the image from the device.
28 | * Mac example (use the df command to determine the disk id such as /dev/disk4 and give a filename such as thewell-20210624-0621.img:
29 | ```
30 | sudo dd bs=1m count=3550 if=/dev/ of=
31 | ```
32 | * Compress the image with a command like this:
33 | ```
34 | xz
35 | ```
36 | * Now your finished and compressed image is called something like thewell-20210624-0621.img.xz
37 | * You can test the image by taking a new SD Card and using Etcher to burn the new image to the card. Boot the card in a Pi and wait a few minutes for the initial configuration and look for the SSID of TheWell to become visible.
38 |
39 | For Relay Trust base images, these are stored in AWS S3 at https://s3.console.aws.amazon.com/s3/buckets/thewellimages?region=us-west-2&tab=objects and are available to download at https://chat.thewellcloud.cloud/chathost/images.html
40 |
--------------------------------------------------------------------------------
/insecure_private_key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI
3 | w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP
4 | kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2
5 | hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO
6 | Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW
7 | yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd
8 | ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1
9 | Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf
10 | TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK
11 | iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A
12 | sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf
13 | 4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP
14 | cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk
15 | EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN
16 | CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX
17 | 3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG
18 | YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj
19 | 3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+
20 | dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz
21 | 6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC
22 | P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF
23 | llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ
24 | kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH
25 | +vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ
26 | NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/python/admin/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/python/admin/__init__.py
--------------------------------------------------------------------------------
/python/chat/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ConnectBox/connectbox-pi/9b70d3bdf4c9e8e075fc4f96b49b3df58118c827/python/chat/__init__.py
--------------------------------------------------------------------------------
/python/chat/server.py:
--------------------------------------------------------------------------------
1 | from flask import jsonify, request
2 | from chat import datasource
3 |
4 | def add_message(message):
5 | return datasource.insert_message(
6 | message['nick'], message['body'], message['textDirection'])
7 |
8 | def get_messages(max_id=None):
9 | return datasource.query_messages(since=max_id)
10 |
11 | def cleanup_messages():
12 | before = datasource.record_count()
13 | datasource.delete_records()
14 | after = datasource.record_count()
15 | return before - after
16 |
17 | def messages_endpoint():
18 | result = None
19 | if request.method == 'GET':
20 | max_id = request.args.get('max_id', 0)
21 | result = get_messages(max_id=max_id)
22 | if max_id != 0 and not result:
23 | return ('', 204)
24 | elif request.method == 'POST':
25 | payload = request.json or {}
26 | result = add_message(payload)
27 | elif request.method == 'DELETE':
28 | result = cleanup_messages()
29 |
30 | return jsonify({'result': result})
31 |
32 | def textdirection_endpoint():
33 | text_direction = datasource.query_defaultTextDirection()
34 | return jsonify({'result': text_direction})
35 |
36 | def register(app, chat_connection_info):
37 | datasource.open_connection(chat_connection_info())
38 | datasource.setup()
39 | app.add_url_rule(
40 | rule='/chat/messages',
41 | endpoint='messages_endpoint',
42 | methods=['GET', 'POST', 'DELETE'],
43 | view_func=messages_endpoint)
44 | app.add_url_rule(
45 | rule='/chat/messages/textDirection',
46 | endpoint='textdirection_endpoint',
47 | methods=['GET'],
48 | view_func=textdirection_endpoint)
49 |
--------------------------------------------------------------------------------
/python/defaults.cfg:
--------------------------------------------------------------------------------
1 | [main]
2 | # Directory to store the sqlite databases
3 | DATABASE_DIRECTORY: /tmp
4 |
--------------------------------------------------------------------------------
/python/main.py:
--------------------------------------------------------------------------------
1 | import os
2 | from six.moves import configparser
3 |
4 | from flask import Flask
5 | from chat.server import register as register_chat
6 | from admin.api import register as register_admin
7 |
8 | # Ubuntu CI may not have locale set (see #134)
9 | import locale
10 | if locale.getlocale()[1] != "UTF-8":
11 | local_lang = locale.getlocale()[0]
12 | if local_lang is None:
13 | locale.setlocale(locale.LC_ALL, "C.UTF-8")
14 | else:
15 | locale.setlocale(locale.LC_ALL, local_lang + ".UTF-8")
16 |
17 |
18 | config_parser = configparser.ConfigParser()
19 | config_parser.readfp(open('%s/defaults.cfg' % os.path.dirname(os.path.abspath(__file__))))
20 | config_parser.read(['/usr/local/connectbox/etc/connectbox.conf'])
21 |
22 | DATABASE_DIRECTORY = config_parser.get('main', 'DATABASE_DIRECTORY')
23 |
24 | def chat_connection_info():
25 | """ get db connection info string """
26 | return 'sqlite:///%s/cbchat.db' % (DATABASE_DIRECTORY)
27 |
28 | app = Flask(__name__)
29 |
30 | register_chat(app, chat_connection_info)
31 | register_admin(app)
32 |
33 | # @app.route('/foo')
34 | # def foo():
35 | # return jsonify({'tasks': ['a','b','c']})
36 |
37 | if __name__ == "__main__":
38 | # XXX debug should be off for non-development releases
39 | app.run(host='0.0.0.0', port=5000, debug=True)
40 |
--------------------------------------------------------------------------------
/python/requirements.dev.txt:
--------------------------------------------------------------------------------
1 | flake8
2 | Flask==0.12.3
3 | sqlalchemy==1.3.0
4 | six==1.11.0
5 |
--------------------------------------------------------------------------------
/requirements.in:
--------------------------------------------------------------------------------
1 | ansible>=2.7.*
2 | ansible-lint
3 | cryptography>=2.8
4 | flake8
5 | Flask
6 | requests
7 | dnspython
8 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | #
2 | # This file is autogenerated by pip-compile
3 | # To update, run:
4 | #
5 | # pip-compile requirements.in
6 | #
7 | ansible-lint>=4.2.0 # via -r requirements.in (line 2)
8 | ansible>=2.7.16 # via -r requirements.in (line 1), ansible-lint
9 | bcrypt==3.1.7 # via paramiko
10 | certifi>=2019.11.28 # via requests
11 | cffi>=1.14.0 # via bcrypt, cryptography, pynacl
12 | chardet>=3.0.4 # via requests
13 | click>=7.0 # via flask
14 | cryptography>=2.8 # via ansible, paramiko
15 | dnspython>=1.16.0 # via -r requirements.in (line 6)
16 | entrypoints>=0.3 # via flake8
17 | flake8>=3.7.9 # via -r requirements.in (line 3)
18 | flask>=1.1.1 # via -r requirements.in (line 4)
19 | idna>=2.9 # via requests
20 | itsdangerous>=1.1.0 # via flask
21 | jinja2>=2.11.1 # via ansible, flask
22 | markupsafe==1.1.1 # via jinja2
23 | mccabe==0.6.1 # via flake8
24 | paramiko>=2.7.1 # via ansible
25 | pycodestyle>=2.5.0 # via flake8
26 | pycparser>=2.19 # via cffi
27 | pyflakes>=2.1.1 # via flake8
28 | pynacl>=1.4.0 # via paramiko
29 | pyyaml>=5.3 # via ansible, ansible-lint
30 | requests>=2.23.0 # via -r requirements.in (line 5)
31 | ruamel.yaml.clib>=0.2.0 # via ruamel.yaml
32 | ruamel.yaml>=0.16.10 # via ansible-lint
33 | six>=1.14.0 # via ansible-lint, bcrypt, cryptography, pynacl
34 | urllib3>=1.25.8 # via requests
35 | werkzeug>=1.0.0 # via flask
36 |
37 |
38 | # The following packages are considered to be unsafe in a requirements file:
39 | # setuptools
40 |
--------------------------------------------------------------------------------
/scripts/CreateLogFiles.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # The directories /var/log/connectbox and /var/log/nginx are being
4 | # deleted ate every reboot of the ConnectBox (reason unknown)
5 | # This script will run at reboot and rebuild those files, then
6 | # restart the nginx service.
7 |
8 | if [ ! -d "/var/log/connectbox" ]
9 | then
10 | mkdir /var/log/connectbox
11 | fi
12 |
13 | if [ ! -d "/var/log/nginx" ]
14 | then
15 | mkdir /var/log/nginx
16 | fi
17 |
18 | touch /var/log/connectbox/captive_portal-access.log
19 | touch /var/log/connectbox/captive_portal-error.log
20 | touch /var/log/connectbox/connectbox-access.log
21 | touch /var/log/connectbox/connectbox-error.log
22 | touch /var/log/nginx/access.log
23 | touch /var/log/nginx/error.log
24 |
25 | systemctl restart nginx
26 |
27 |
--------------------------------------------------------------------------------
/scripts/determineBoxID.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/perl
2 |
3 | # If a box doesn't have a statically assigned MAC address, such as NEO, we need to craft a boxid (in MAC format)
4 | # that can be used for phone home
5 | # Derek Maxson, 20211115
6 |
7 | # Get eth0 MAC Address
8 | my $mac = `cat /sys/class/net/eth0/address`;
9 |
10 | # Get the second character in the string
11 | my $magicBit = substr($mac,1,1);
12 |
13 | # Evaluate if the string is indicating a "locally-administered MAC address"
14 | if ($magicBit eq "2" || $magicBit eq "6" || lc($magicBit) eq "a" || lc($magicBit) eq "e") {
15 | #print "Locally Administered\n";
16 | # Now craft new MAC from machine-id so that it won't change all the time!
17 | my $machineId = `cat /etc/machine-id`;
18 | $mac = "0a" . substr($machineId,0,10);
19 | $mac = join(':', unpack '(A2)*', $mac);
20 | }
21 |
22 | print $mac;
--------------------------------------------------------------------------------
/scripts/wlan0.pl:
--------------------------------------------------------------------------------
1 | #!/usr/bin/perl
2 |
3 | # This program does steps necessary to unblock (rfkill) and init the wlan0 for client Wi-Fi on RPi
4 |
5 | my $rfkill = `sudo rfkill list 0 |grep 'Soft blocked: yes'`;
6 |
7 | print "rfkill says: $rfkill\n";
8 |
9 | if ($rfkill =~ /yes/) {
10 | print "Unkilling the rfkill for wlan0\n";
11 | system ("rfkill unblock 0");
12 | system ("/usr/local/connectbox/bin/wlan0.pl &");
13 | }
14 | else {
15 | system ("ifdown wlan0");
16 | system ("ifup wlan0");
17 | }
18 |
--------------------------------------------------------------------------------