Merge branch 'master' of github.com:ffdo/ffdo-ansible

Makefile

@@ -1,4 +1,6 @@
-ANSIBLE=ansible-playbook -i inventories/dortmund
+INVENTORY?=dortmund
+
+ANSIBLE=ansible-playbook -s -i inventories/$(INVENTORY)
 
 .PHONY: setup test update manage-users check-playbooks
 

Vagrantfile

@@ -1,13 +1,15 @@
+ANSIBLE_INVENTORY_DIR = 'inventories/vagrant'
+
 Vagrant.configure("2") do |config|
 
   N = 2
   # box_name = "ARTACK/debian-jessie"
   box_name = "debian/jessie64"
   (1..N).each do |machine_id|
-    config.vm.define "node0#{machine_id}" do |node|
+    config.vm.define "snode0#{machine_id}-1.ffdo.de" do |node|
       node.vm.box = box_name
-      node.vm.hostname = "node0#{machine_id}"
-      node.vm.network "private_network", ip: "192.168.77.#{20+machine_id}"
+      node.vm.hostname = "snode0#{machine_id}-1.ffdo.de"
+      # node.vm.network "private_network", ip: "192.168.77.#{20+machine_id}"
 
       node.vm.provider :virtualbox do |vb|
         vb.customize [
@@ -15,47 +17,13 @@ Vagrant.configure("2") do |config|
           "--memory", "128",
         ]
       end
-
-      node.vm.provision :ansible do |ansible|
-        ansible.playbook = "playbooks/supernode.yml"
-
-        ansible.groups = {
-          "supernodes" => ["node01", "node02"],
-        }
-      end
     end
   end
 
-=begin
-  U = 1
-  (1..U).each do |machine_id|
-    config.vm.define "uplink0#{machine_id}" do |node|
-      node.vm.box = box_name
-      node.vm.hostname = "uplink0#{machine_id}"
-      node.vm.network "private_network", ip: "192.168.77.#{30+machine_id}"
-
-      node.vm.provider :virtualbox do |vb|
-        vb.customize [
-          "modifyvm", :id,
-          "--memory", "128",
-        ]
-      end
-
-      node.vm.provision :ansible do |ansible|
-        ansible.playbook = "playbook.yml"
-
-        ansible.groups = {
-          "uplinks" => ["uplink01"]
-        }
-      end
-    end
-  end
-=end
-
-  config.vm.define "mapserver" do |node|
+  config.vm.define "map.ffdo.de" do |node|
     node.vm.box = box_name
-    node.vm.hostname = "mapserver"
-    node.vm.network "private_network", ip: "192.168.77.29"
+    node.vm.hostname = "map.ffdo.de"
+    # node.vm.network "private_network", ip: "192.168.77.29"
 
     node.vm.provider :virtualbox do |vb|
       vb.customize [
@@ -63,13 +31,16 @@ Vagrant.configure("2") do |config|
         "--memory", "128",
       ]
     end
+  end
 
-    node.vm.provision :ansible do |ansible|
-      ansible.playbook = "playbooks/mapserver.yml"
-
-      ansible.groups = {
-        "mapservers" => ["mapserver"]
-      }
-    end
+=begin
+  config.vm.provision :ansible do |ansible|
+    ansible.inventory_path = ANSIBLE_INVENTORY_DIR
+    ansible.groups = {
+      "mapservers" => ["mapserver"],
+      "supernodes" => ["node01", "node02"],
+    }
+    ansible.playbook = "playbooks/supernode.yml"
   end
+=end
 end

playbooks/group_vars/mapservers/meshviewer.yml

@@ -1,3 +1,2 @@
 meshviewer_data_url: "https://map.ffdo.de/data/"
-meshviewer_site_name: Freifunk Dortmund
-meshviewer_version: v3
+meshviewer_site_name: Freifunk Dortmund

playbooks/mapserver.yml

@@ -5,4 +5,5 @@
 
 - hosts: mapservers
   roles:
-  - ffdo.mapserver
+  - ffdo.mapserver
+  - ffdo.gitit

roles/internal/ffdo.authentication/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo.authentication
 
 - name: Ensure sudo is installed
-  apt: name=sudo state=present
+  apt: name=sudo state=present update_cache=yes cache_valid_time=3600
 
 - name: Disable password based sudo for users in group sudo and enable password less sudo
   lineinfile:

roles/internal/ffdo.batman/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for batman
 
 - name: Install B.A.T.M.A.N. ctl via APT
-  apt: name={{item}} state=present
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=3600
   with_items:
   - batctl
 

roles/internal/ffdo.bird/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo.bird
 
 - name: Ensure bird routing daemon is installed
-  apt: name=bird state=present
+  apt: name=bird state=present update_cache=yes cache_valid_time=3600
 
 - name: Ensure bird config dir exists
   file: name={{bird_config_dir}} state=directory

roles/internal/ffdo.dhcp/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo-dhcp
 
 - name: Ensure ISC DHCPD is installed
-  apt: name=isc-dhcp-server state=present
+  apt: name=isc-dhcp-server state=present update_cache=yes cache_valid_time=3600
 
 - name: Install dhcpd.conf
   template:

roles/internal/ffmap-backend/tasks/main.yml

@@ -7,7 +7,7 @@
   when: ansible_distribution == 'Debian' and ansible_distribution_release == 'wheezy'
 
 - name: Install ffmap-backend dependencies
-  apt: name={{item}} state=present
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=3600
   with_items: "{{ffmap_backend_dependencies}}"
 
 - name: Install ffmap-backend python dependencies

roles/internal/ffdo.gitit/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/internal/ffdo.gitit/defaults/main.yml

@@ -0,0 +1,8 @@
+---
+# defaults file for ffdo.gitit
+
+gitit_data_dir: /srv/gitit
+gitit_user: gitit
+gitit_group: gitit
+gitit_wiki_title: Freifunk-Dortmund-Wiki
+gitit_wiki_repo: ""

roles/internal/ffdo.gitit/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+# handlers file for ffdo.gitit
+
+- name: Restart gitit
+  service: name=gitit state=reloaded

roles/internal/ffdo.gitit/meta/main.yml

@@ -0,0 +1,136 @@
+---
+galaxy_info:
+  author: your name
+  description: 
+  company: your company (optional)
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+  min_ansible_version: 1.2
+  #
+  # Below are all platforms currently available. Just uncomment
+  # the ones that apply to your role. If you don't see your 
+  # platform on this list, let us know and we'll get it added!
+  #
+  #platforms:
+  #- name: EL
+  #  versions:
+  #  - all
+  #  - 5
+  #  - 6
+  #  - 7
+  #- name: GenericUNIX
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Fedora
+  #  versions:
+  #  - all
+  #  - 16
+  #  - 17
+  #  - 18
+  #  - 19
+  #  - 20
+  #  - 21
+  #  - 22
+  #- name: Windows
+  #  versions:
+  #  - all
+  #  - 2012R2
+  #- name: SmartOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: opensuse
+  #  versions:
+  #  - all
+  #  - 12.1
+  #  - 12.2
+  #  - 12.3
+  #  - 13.1
+  #  - 13.2
+  #- name: Amazon
+  #  versions:
+  #  - all
+  #  - 2013.03
+  #  - 2013.09
+  #- name: GenericBSD
+  #  versions:
+  #  - all
+  #  - any
+  #- name: FreeBSD
+  #  versions:
+  #  - all
+  #  - 8.0
+  #  - 8.1
+  #  - 8.2
+  #  - 8.3
+  #  - 8.4
+  #  - 9.0
+  #  - 9.1
+  #  - 9.1
+  #  - 9.2
+  #- name: Ubuntu
+  #  versions:
+  #  - all
+  #  - lucid
+  #  - maverick
+  #  - natty
+  #  - oneiric
+  #  - precise
+  #  - quantal
+  #  - raring
+  #  - saucy
+  #  - trusty
+  #  - utopic
+  #  - vivid
+  #- name: SLES
+  #  versions:
+  #  - all
+  #  - 10SP3
+  #  - 10SP4
+  #  - 11
+  #  - 11SP1
+  #  - 11SP2
+  #  - 11SP3
+  #- name: GenericLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Debian
+  #  versions:
+  #  - all
+  #  - etch
+  #  - jessie
+  #  - lenny
+  #  - squeeze
+  #  - wheezy
+  #
+  # Below are all categories currently available. Just as with
+  # the platforms above, uncomment those that apply to your role.
+  #
+  #categories:
+  #- cloud
+  #- cloud:ec2
+  #- cloud:gce
+  #- cloud:rax
+  #- clustering
+  #- database
+  #- database:nosql
+  #- database:sql
+  #- development
+  #- monitoring
+  #- networking
+  #- packaging
+  #- system
+  #- web
+dependencies: 
+- ffdo.mapserver-nginx

roles/internal/ffdo.gitit/tasks/main.yml

@@ -0,0 +1,94 @@
+---
+# tasks file for ffdo.gitit
+
+- name: Ensure group for gitit exists
+  group: name={{gitit_group}}
+
+- name: Ensure user for gitit exists
+  user: 
+    name: "{{gitit_user}}"
+    createhome: yes
+    home: "{{gitit_data_dir}}"
+    group: "{{gitit_group}}"
+
+- name: Ensure prerequisites for gitit are instaled
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=3600
+  with_items:
+  - git
+  - gitit
+
+- name: Install gitit configuration
+  template:
+    src: conf.j2
+    dest: "{{gitit_data_dir}}/gitit.conf"
+    owner: "{{gitit_user}}"
+  notify:
+  - Restart gitit
+
+- name: Ensure static content directories exists
+  file:
+    dest: "{{gitit_data_dir}}/static/{{item}}"
+    state: directory
+    owner: "{{gitit_user}}"
+  with_items:
+  - css
+  - img
+
+- name: Ensure template directory exists
+  file:
+    dest: "{{gitit_data_dir}}/templates"
+    state: directory
+    owner: "{{gitit_user}}"
+
+- name: Ensure custom footer exists
+  template:
+    src: footer.st.j2
+    dest: "{{gitit_data_dir}}/templates/footer.st"
+    owner: "{{gitit_user}}"
+
+- name: Ensure custom css exists
+  template:
+    src: custom.css.j2
+    dest: "{{gitit_data_dir}}/static/css/custom.css"
+    owner: "{{gitit_user}}"
+
+- name: Ensure wikidata directory exists
+  file:
+    dest: "{{gitit_data_dir}}/wikidata"
+    state: directory
+    owner: "{{gitit_user}}"
+
+#- name: Clone wiki repo
+#  git:
+#    src: "{{gitit_wiki_repo}}"
+#    dest: "{{gitit_data_dir}}/wikidata"
+
+# TODO restore user data
+
+- name: Install nginx configs
+  template:
+    src: "nginx.j2"
+    dest: "/etc/nginx/sites-available/wiki"
+  notify:
+  - Restart nginx
+
+- name: Activate nginx configurations
+  file:
+    src: /etc/nginx/sites-available/wiki
+    dest: /etc/nginx/sites-enabled/wiki
+    state: link
+  notify:
+  - Restart nginx
+
+- name: Install systemd unit
+  register: gitit_systemd_unit
+  template:
+    src: systemd.j2
+    dest: /etc/systemd/system/gitit.service
+
+- name: Systemd daemon-reload
+  when: gitit_systemd_unit|changed
+  shell: systemctl daemon-reload
+
+- name: Ensure gitit is started and enabled
+  service: name=gitit state=started enabled=yes

roles/internal/ffdo.gitit/templates/conf.j2

@@ -0,0 +1,261 @@
+# gitit wiki configuration file
+
+address: 127.0.0.1
+
+port: 55001
+# sets the port on which the web server will run.
+
+wiki-title: {{gitit_wiki_title}}
+# the title of the wiki.
+
+repository-type: Git
+# specifies the type of repository used for wiki content.
+# Options are Git, Darcs, and Mercurial.
+
+repository-path: wikidata
+# specifies the path of the repository directory.  If it does not
+# exist, gitit will create it on startup.
+
+require-authentication: modify
+# if 'none', login is never required, and pages can be edited anonymously.
+# if 'modify', login is required to modify the wiki (edit, add, delete
+# pages, upload files).
+# if 'read', login is required to see any wiki pages.
+
+authentication-method: form
+# 'form' means that users will be logged in and registered
+# using forms in the gitit web interface.  'http' means
+# that gitit will assume that HTTP authentication is in
+# place and take the logged in username from the "Authorization"
+# field of the HTTP request header (in addition,
+# the login/logout and registration links will be
+# suppressed).  'generic' means that gitit will assume that
+# some form of authentication is in place that directly
+# sets REMOTE_USER to the name of the authenticated user
+# (e.g. mod_auth_cas on apache).  'rpx' means that gitit
+# will attempt to log in through https://rpxnow.com.
+# This requires that 'rpx-domain', 'rpx-key', and 'base-url'
+# be set below, and that 'curl' be in the system path.
+
+user-file: gitit-users
+# specifies the path of the file containing user login information.
+# If it does not exist, gitit will create it (with an empty user list).
+# This file is not used if 'http' is selected for authentication-method.
+
+session-timeout: 60
+# number of minutes of inactivity before a session expires.
+
+static-dir: wikidata/_NOWIKI/static
+# specifies the path of the static directory (containing javascript,
+# css, and images).  If it does not exist, gitit will create it
+# and populate it with required scripts, stylesheets, and images.
+
+default-page-type: Markdown
+# specifies the type of markup used to interpret pages in the wiki.
+# Possible values are Markdown, RST, LaTeX, HTML, Markdown+LHS, RST+LHS,
+# and LaTeX+LHS. (The +LHS variants treat the input as
+# literate Haskell. See pandoc's documentation for more details.) If
+# Markdown is selected, pandoc's syntax extensions (for footnotes,
+# delimited code blocks, etc.) will be enabled. Note that pandoc's
+# reStructuredText parser is not complete, so some pages may not be
+# rendered correctly if RST is selected. The same goes for LaTeX and
+# HTML.
+
+math: MathML
+# specifies how LaTeX math is to be displayed.  Possible values
+# are MathML, raw, mathjax, jsMath, and google.  If mathml is selected,
+# gitit will convert LaTeX math to MathML and link in a script,
+# MathMLinHTML.js, that allows the MathML to be seen in Gecko browsers, IE +
+# mathplayer, and Opera. In other browsers you may get a jumble of characters.
+# If raw is selected, the LaTeX math will be displayed as raw LaTeX math.
+# If mathjax is selected, gitit will link to the remote mathjax script.
+# If jsMath is selected, gitit will link to the script /js/jsMath/easy/load.js,
+# and will assume that jsMath has been installed into the js/jsMath directory.
+# This is the most portable solution. If google is selected, the google chart
+# API is called to render the formula as an image. This requires a connection
+# to google, and might raise a technical or a privacy problem.
+
+show-lhs-bird-tracks: no
+# specifies whether to show Haskell code blocks in "bird style",
+# with "> " at the beginning of each line.
+
+templates-dir: wikidata/_NOWIKI/templates
+# specifies the path of the directory containing page templates.
+# If it does not exist, gitit will create it with default templates.
+# Users may wish to edit the templates to customize the appearance of
+# their wiki. The template files are HStringTemplate templates.
+# Variables to be interpolated appear between $'s. Literal $'s must be
+# backslash-escaped.
+
+log-file: gitit.log
+# specifies the path of gitit's log file.  If it does not exist,
+# gitit will create it. The log is in Apache combined log format.
+
+log-level: ERROR
+# determines how much information is logged.
+# Possible values (from most to least verbose) are DEBUG, INFO,
+# NOTICE, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY.
+
+front-page: Front Page
+# specifies which wiki page is to be used as the wiki's front page.
+# Gitit creates a default front page on startup, if one does not exist
+# already.
+
+no-delete: Front Page, Help
+# specifies pages that cannot be deleted through the web interface.
+# (They can still be deleted directly using git or darcs.)
+# A comma-separated list of page names.  Leave blank to allow
+# every page to be deleted.
+
+no-edit: Help
+# specifies pages that cannot be edited through the web interface.
+# Leave blank to allow every page to be edited.
+
+default-summary:
+# specifies text to be used in the change description if the author
+# leaves the "description" field blank.  If default-summary is blank
+# (the default), the author will be required to fill in the description
+# field.
+
+table-of-contents: yes
+# specifies whether to print a tables of contents (with links to
+# sections) on each wiki page.
+
+plugins:
+# specifies a list of plugins to load.  Plugins may be specified
+# either by their path or by their module name.  If the plugin name
+# starts with Gitit.Plugin., gitit will assume that the plugin is
+# an installed module and will not try to find a source file.
+# Examples:
+# plugins: plugins/DotPlugin.hs, CapitalizeEmphasisPlugin.hs
+# plugins: plugins/DotPlugin
+# plugins: Gitit.Plugin.InterwikiLinks
+
+use-cache: no
+# specifies whether to cache rendered pages.  Note that if use-feed
+# is selected, feeds will be cached regardless of the value of use-cache.
+
+cache-dir: cache
+# directory where rendered pages will be cached
+
+max-upload-size: 100K
+# specifies an upper limit on the size (in bytes) of files uploaded
+# through the wiki's web interface.
+# To disable uploads, set this to 0K.
+# This will result in the uploads link disappearing
+# and the _upload url becoming inactive.
+
+max-page-size: 100K
+# specifies an upper limit on the size (in bytes) of pages
+
+debug-mode: no
+# if "yes", causes debug information to be logged while gitit is running.
+
+compress-responses: no
+# specifies whether HTTP responses should be compressed.
+
+mime-types-file: /etc/mime.types
+# specifies the path of a file containing mime type mappings.
+# Each line of the file should contain two fields, separated by
+# whitespace. The first field is the mime type, the second is a
+# file extension.  For example:
+# video/x-ms-wmx                    wmx
+# If the file is not found, some simple defaults will be used.
+
+use-recaptcha: no
+# if "yes", causes gitit to use the reCAPTCHA service
+# (http://recaptcha.net) to prevent bots from creating accounts.
+
+recaptcha-private-key:
+recaptcha-public-key:
+# specifies the public and private keys for the reCAPTCHA service.
+# To get these, you need to create an account at http://recaptcha.net.
+
+access-question:
+access-question-answers:
+# specifies a question that users must answer when they attempt to create
+# an account, along with a comma-separated list of acceptable answers.
+# This can be used to institute a rudimentary password for signing up as
+# a user on the wiki, or as an alternative to reCAPTCHA.
+# Example:
+# access-question:  What is the code given to you by Ms. X?
+# access-question-answers:  RED DOG, red dog
+
+rpx-domain:
+rpx-key:
+# Specifies the domain and key of your RPX account.  The domain is
+# just the prefix of the complete RPX domain, so if your full domain
+# is 'https://foo.rpxnow.com/', use 'foo' as the value of rpx-domain.
+
+mail-command: sendmail %s
+# specifies the command to use to send notification emails.
+# '%s' will be replaced by the destination email address.
+# The body of the message will be read from stdin.
+# If this field is left blank, password reset will not be offered.
+
+reset-password-message:
+  > From: nobody@$hostname$
+  > To: $useremail$
+  > Subject: Wiki password reset
+  >
+  > Dear $username$:
+  >
+  > To reset your password, please follow the link below:
+  > http://$hostname$:$port$$resetlink$
+  >
+  > Yours sincerely,
+  > The Wiki Master
+
+# gives the text of the message that will be sent to the user should she
+# want to reset her password, or change other registration info.
+# The lines must be indented, and must begin with '>'.  The initial
+# spaces and '> ' will be stripped off. $username$ will be replaced
+# by the user's username, $useremail$ by her email address,
+# $hostname$ by the hostname on which the wiki is running (as
+# returned by the hostname system call), $port$ by the port on
+# which the wiki is running, and $resetlink$ by the
+# relative path of a reset link derived from the user's existing
+# hashed password. If your gitit wiki is being proxied to a location
+# other than the root path of $port$, you should change the link to
+# reflect this: for example, to
+# http://$hostname$/path/to/wiki$resetlink$ or
+# http://gitit.$hostname$$resetlink$
+
+use-feed: no
+# specifies whether an ATOM feed should be enabled (for the site and for
+# individual pages)
+
+base-url:
+# the base URL of the wiki, to be used in constructing feed IDs
+# and RPX token_urls.  Set this if use-feed is 'yes' or
+# authentication-method is 'rpx'.
+
+absolute-urls: yes
+# make wikilinks absolute with respect to the base-url.
+# So, for example, in a wiki served at the base URL '/wiki', on a page
+# Sub/Page, the wikilink '[Cactus]()' will produce a link to
+# '/wiki/Cactus' if absolute-urls is 'yes', and a relative link to 'Cactus'
+# (referring to '/wiki/Sub/Cactus') if absolute-urls is 'no'.
+
+feed-days: 14
+# number of days to be included in feeds.
+
+feed-refresh-time: 60
+# number of minutes to cache feeds before refreshing
+
+pdf-export: no
+# if yes, PDF will appear in export options. PDF will be created using
+# pdflatex, which must be installed and in the path. Note that PDF
+# exports create significant additional server load.
+
+pandoc-user-data:
+# if a directory is specified, this will be searched for pandoc
+# customizations. These can include a templates/ directory for custom
+# templates for various export formats, an S5 directory for custom
+# S5 styles, and a reference.odt for ODT exports. If no directory is
+# specified, $HOME/.pandoc will be searched. See pandoc's README for
+# more information.
+
+xss-sanitize: yes
+# if yes, all HTML (including that produced by pandoc) is filtered
+# through xss-sanitize.  Set to no only if you trust all of your users.

roles/internal/ffdo.gitit/templates/custom.css.j2

@@ -0,0 +1,4 @@
+@import url("screen.css"); /* default gitit screen styles */
+@import url("hk-pyg.css"); /* for syntax highlighting */
+
+/* Put your custom style modifications here: */

roles/internal/ffdo.gitit/templates/systemd.j2

@@ -0,0 +1,13 @@
+[Unit]
+Description=gitit
+
+[Service]
+Environment=LANG=de_DE.UTF-8
+Environment=LC_ALL=de_DE.UTF-8
+Environment=LC_LANG=de_DE.UTF-8
+ExecStart=/usr/bin/gitit -f {{gitit_data_dir}}/gitit.conf -l 127.0.0.1
+Restart=on-failure
+User={{gitit_user}}
+
+[Install]
+WantedBy=multi-user.target

roles/internal/ffdo.gitit/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ffdo.gitit

roles/internal/ffdo.gluon-collector/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/internal/ffdo.gluon-collector/defaults/main.yml

@@ -0,0 +1,21 @@
+---
+# defaults file for ffdo.gluon-collector
+
+gluon_collector_http_port: 8080
+gluon_collector_http_address: "127.0.0.1"
+gluon_collector_store_type: bolt
+gluon_collector_base_path: /opt/gluon-collector
+gluon_collector_db_path: "{{gluon_collector_base_path}}/collector.db"
+gluon_collector_config_path: "{{gluon_collector_base_path}}/gluon-collector.yml"
+gluon_collector_expire_nodes: 365
+gluon_collector_log_level: warn
+gluon_collector_log_path: "{{gluon_collector_base_path}}/collector.log"
+gluon_collector_interval_statistics: 300
+gluon_collector_interval_nodeinfo: 1800
+gluon_collector_interval_expire: 3
+gluon_collector_user: gluon-collector 
+gluon_collector_group: gluon-collector
+gluon_collector_version: "v1.1"
+gluon_collector_download_url: "https://github.com/ffdo/node-informant/releases/download/{{gluon_collector_version}}/gluon-collector"
+gluon_collector_use_supervisor: true
+gluon_collector_supervisor_config_path: /etc/supervisor/conf.d

roles/internal/ffdo.gluon-collector/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+# handlers file for ffdo.gluon-collector
+
+- name: Restart gluon-collector
+  service: name=gluon-collector state=restarted

roles/internal/ffdo.gluon-collector/meta/main.yml

@@ -0,0 +1,139 @@
+---
+galaxy_info:
+  author: your name
+  description: 
+  company: your company (optional)
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+  min_ansible_version: 1.2
+  #
+  # Below are all platforms currently available. Just uncomment
+  # the ones that apply to your role. If you don't see your 
+  # platform on this list, let us know and we'll get it added!
+  #
+  #platforms:
+  #- name: EL
+  #  versions:
+  #  - all
+  #  - 5
+  #  - 6
+  #  - 7
+  #- name: GenericUNIX
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Fedora
+  #  versions:
+  #  - all
+  #  - 16
+  #  - 17
+  #  - 18
+  #  - 19
+  #  - 20
+  #  - 21
+  #  - 22
+  #- name: Windows
+  #  versions:
+  #  - all
+  #  - 2012R2
+  #- name: SmartOS
+  #  versions:
+  #  - all
+  #  - any
+  #- name: opensuse
+  #  versions:
+  #  - all
+  #  - 12.1
+  #  - 12.2
+  #  - 12.3
+  #  - 13.1
+  #  - 13.2
+  #- name: Amazon
+  #  versions:
+  #  - all
+  #  - 2013.03
+  #  - 2013.09
+  #- name: GenericBSD
+  #  versions:
+  #  - all
+  #  - any
+  #- name: FreeBSD
+  #  versions:
+  #  - all
+  #  - 8.0
+  #  - 8.1
+  #  - 8.2
+  #  - 8.3
+  #  - 8.4
+  #  - 9.0
+  #  - 9.1
+  #  - 9.1
+  #  - 9.2
+  #- name: Ubuntu
+  #  versions:
+  #  - all
+  #  - lucid
+  #  - maverick
+  #  - natty
+  #  - oneiric
+  #  - precise
+  #  - quantal
+  #  - raring
+  #  - saucy
+  #  - trusty
+  #  - utopic
+  #  - vivid
+  #- name: SLES
+  #  versions:
+  #  - all
+  #  - 10SP3
+  #  - 10SP4
+  #  - 11
+  #  - 11SP1
+  #  - 11SP2
+  #  - 11SP3
+  #- name: GenericLinux
+  #  versions:
+  #  - all
+  #  - any
+  #- name: Debian
+  #  versions:
+  #  - all
+  #  - etch
+  #  - jessie
+  #  - lenny
+  #  - squeeze
+  #  - wheezy
+  #
+  # Below are all categories currently available. Just as with
+  # the platforms above, uncomment those that apply to your role.
+  #
+  #categories:
+  #- cloud
+  #- cloud:ec2
+  #- cloud:gce
+  #- cloud:rax
+  #- clustering
+  #- database
+  #- database:nosql
+  #- database:sql
+  #- development
+  #- monitoring
+  #- networking
+  #- packaging
+  #- system
+  #- web
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.
+  

roles/internal/ffdo.gluon-collector/tasks/main.yml

@@ -0,0 +1,64 @@
+---
+# tasks file for ffdo.gluon-collector
+
+- when: ansible_machine != "x86_64"
+  set_fact: gluon_collector_download_url="{{gluon_collector_download_url}}-386"
+
+- name: Create Group for gluon-collector 
+  group:
+    name: "{{gluon_collector_group}}"
+    state: present
+    system: yes
+
+- name: Create user for gluon-collector 
+  user: 
+    name: "{{gluon_collector_user}}" 
+    createhome: no 
+    home: "{{gluon_collector_base_path}}"
+    system: yes
+    state: present
+    groups: "{{gluon_collector_group}}"
+
+- name: Create install directory for gluon-collector 
+  file:
+    dest: "{{gluon_collector_base_path}}" 
+    state: directory 
+    owner: "{{gluon_collector_user}}"
+    group: "{{gluon_collector_group}}"
+
+- name: Create gluon-collector configuration
+  template: 
+    src: config.j2
+    dest: "/etc/gluon-collector.yaml"
+    owner: "{{gluon_collector_user}}"
+    group: "{{gluon_collector_group}}"
+    mode: "u=rw,g=rw,o=r"
+  notify: Restart gluon-collector
+
+- name: Download gluon-collector 
+  get_url:
+    dest: "{{gluon_collector_base_path}}/gluon-collector"
+    url: "{{gluon_collector_download_url}}"
+
+- name: Set permission on gluon-collector executable
+  file:
+    dest: "{{gluon_collector_base_path}}/gluon-collector"
+    owner: "{{gluon_collector_user}}"
+    group: "{{gluon_collector_group}}"
+    mode: "u=rwx,g=rw,o=r"
+
+- name: Generate systemd service
+  register: gluon_collector_systemd
+  template:
+    src: systemd.j2
+    dest: /etc/systemd/system/gluon-collector.service
+
+- name: Systemd deamon-reload
+  when: gluon_collector_systemd|changed
+  shell: systemctl daemon-reload
+
+- name: Ensure gluon-collector is started and enabled via systemd
+  service:
+    name: gluon-collector
+    state: started
+    enabled: yes

roles/internal/ffdo.gluon-collector/templates/config.j2

@@ -0,0 +1,25 @@
+receiver: 
+{% for receiver in gluon_collector_receivers %}                
+- type: {{receiver.type}}        
+  interface: "{{receiver.interface}}"      
+  port: {{receiver.port}}       
+{% endfor %}
+
+interval:
+  statistics: {{gluon_collector_interval_statistics}}         
+  nodeinfo: {{gluon_collector_interval_nodeinfo}}          
+  expire: {{gluon_collector_interval_expire}}              
+
+logger:     
+  level: "{{gluon_collector_log_level}}"           
+  file: "{{gluon_collector_log_path}}"
+
+store:
+  type: "{{gluon_collector_store_type}}"            
+  path: "{{gluon_collector_db_path}}" 
+  expireNodesAfterDays: {{gluon_collector_expire_nodes}} 
+
+http:             
+  port: {{gluon_collector_http_port}}              
+  address: "{{gluon_collector_http_address}}"
+  

roles/internal/ffdo.gluon-collector/templates/systemd.j2

@@ -0,0 +1,10 @@
+[Unit]
+Description=gluon-collector
+
+[Service]
+ExecStart={{gluon_collector_base_path}}/gluon-collector -config /etc/gluon-collector.yaml
+Restart=on-failure
+User={{gluon_collector_user}}
+
+[Install]
+WantedBy=multi-user.target

roles/internal/ffdo.gluon-collector/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ffdo.gluon-collector

roles/internal/ffdo.mapserver-nginx/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo.mapserver-nginx
 
 - name: Ensure nginx is installed
-  apt: name=nginx state=present
+  apt: name=nginx state=present update_cache=yes cache_valid_time=3600
 
 - name: Install openssl to generate DH params
   apt: name=openssl state=present
@@ -28,7 +28,9 @@
 
 - name: Generate strong dhparams
   when: not mapserver_use_pregenerated_dh_params
-  shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 creates=/etc/nginx/dhparams.pem
+  shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 
+  args:
+    creates: /etc/nginx/dhparams.pem
   notify:
   - Restart nginx
 
@@ -39,10 +41,14 @@
   with_items:
   - src: nginx-default.conf.j2
     dest: /etc/nginx/sites-available/default
-  - src: nginx-wiki.conf.j2
-    dest: /etc/nginx/sites-available/wiki
   notify:
   - Restart nginx
 
+- name: Activate nginx configurations
+  file:
+    src: /etc/nginx/sites-available/default
+    dest: /etc/nginx/sites-enabled/default
+    state: link
+
 - name: Ensure nginx is started and enabled
   service: name=nginx state=started enabled=yes

roles/internal/ffdo.mapserver-nginx/templates/nginx-default.conf.j2

@@ -36,7 +36,7 @@ server {
                 gzip_vary on;
   }
 
-        location /grafana {
+  location /grafana {
     if ($scheme != "https") {
       rewrite ^ https://map.ffdo.de$request_uri permanent;
     }
@@ -45,7 +45,7 @@ server {
                 rewrite  ^/grafana/(.*)  /$1 break;
                 proxy_set_header Host $host;
 
-        }
+  }
 
   location /data {
     alias /srv/ffmap-data;
@@ -55,6 +55,11 @@ server {
     gzip_vary on;
   }
 
+  location /data-announced {
+    proxy_pass  http://127.0.0.1:{{gluon_collector_http_port}};
+    proxy_redirect  off;
+  }
+
 # location /wiki {
 #   if ($scheme = http){
 #                 rewrite ^ https://map.do.freifunk.ruhr$request_uri? permanent;

roles/internal/ffdo.mapserver/meta/main.yml

@@ -19,5 +19,6 @@ galaxy_info:
   - web
 dependencies:
 - dereulenspiegel.alfred
+- ffdo.gluon-collector
 - ffdo.mapserver-nginx
 - ffdo.meshviewer

roles/internal/ffdo.meshviewer/meta/main.yml

@@ -50,4 +50,5 @@ galaxy_info:
   - monitoring
   - web
 dependencies:
+- ffmap-backend
 - laggyluke.nodejs

roles/internal/ffdo.meshviewer/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for meshviewer
 
 - name: Install build dependencies
-  apt: name={{item}} state=present
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=3600
   with_items: "{{meshviewer_build_dependencies}}"
 
 - name: Create meshviewer install directory
@@ -39,4 +39,7 @@
   shell: cp -r {{meshviewer_build_directory}}/build/* {{meshviewer_install_directory}}
 
 - name: Install build config
-  template: src=config.js.j2 dest="{{meshviewer_build_directory}}/config.js"
+  template: src=config.js.j2 dest="{{meshviewer_build_directory}}/config.js"
+
+- name: Copy config
+  template: src=config.js.j2 dest="{{meshviewer_install_directory}}/config.js"

roles/internal/ffdo.radvd/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo.radvd
 
 - name: Ensure radvd is installed
-  apt: name=radvd state=present
+  apt: name=radvd state=present update_cache=yes cache_valid_time=3600
 
 - name: Install radvd config
   template:

roles/internal/ffdo.resolvconf/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ffdo.resolvconf
 
 - name: Ensure package resolvconf is absent
-  apt: name=resolvconf state=absent purge=yes
+  apt: name=resolvconf state=absent purge=yes 
 
 - name: Install custom resolv.conf
   template: src=resolv.conf.j2 dest=/etc/resolv.conf

roles/internal/ffdo.supernode/tasks/main.yml

@@ -5,7 +5,7 @@
   when: ansible_distribution_release == 'wheezy' and ansible_distribution == 'Debian'
 
 - name: Make sure necessary tools are installed
-  apt: name={{item}} state=present
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=3600
   with_items:
   - wget
   - ntp

roles/internal/ffdo.unbound/tasks/main.yml

@@ -2,7 +2,7 @@
 # tasks file for ff-dns
 
 - name: Ensure unbound is installed
-  apt: name=unbound state=present
+  apt: name=unbound state=present update_cache=yes cache_valid_time=3600
 
 - name: Ensure unbound config already exists
   file: dest=/etc/unbound/unbound.conf.d state=directory recurse=yes