From fa26617df5db3a8d9ce6da738222ac03bbc28231 Mon Sep 17 00:00:00 2001 From: Fred Eisele Date: Tue, 14 May 2024 11:50:04 -0500 Subject: [PATCH 01/80] update --check logic and nodered version compatibility --- roles/nodered/defaults/main.yml | 4 +- scripts/easy_install.sh | 120 +++++++++++++++++++++++++++----- 2 files changed, 104 insertions(+), 20 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 03ecdaf..bd0ae7a 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -26,9 +26,9 @@ noderedserver_ipv4: 0.0.0.0 noderedserver_port: 1880 nodered_npm_packages: - - node-red@v2-maintenance + - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap + - node-red-contrib-web-worldmap@4.8.0 nodered_nodes: - node-red-contrib-config diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 9dded64..7c96379 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -24,6 +24,9 @@ DEFAULT_BRANCH="main" BRANCH=${BRANCH:-$DEFAULT_BRANCH} CBRANCH=${CBRANCH:-} +DEFAULT_PYPI_URL="https://pypi.org" +TEST_PYPI_URL="https://test.pypi.org" + STABLE_OS_REQD="Ubuntu" STABLE_OS_VER_REQD="22.04" STABLE_CODENAME_REQD="jammy" @@ -40,7 +43,11 @@ PY3_VER_STABLE="3.11" STABLE_FTS_VERSION="2.0.66" LEGACY_FTS_VERSION="1.9.9.6" -LATEST_FTS_VERSION=$(curl -s https://pypi.org/pypi/FreeTAKServer/json | python3 -c "import sys, json; print(json.load(sys.stdin)['info']['version'])") +function set_latest_fts_version() { + local pypi_url=$1 + export LATEST_FTS_VERSION=$(curl -s ${pypi_url}/pypi/FreeTAKServer/json | python3 -c "import sys, json; print(json.load(sys.stdin)['info']['version'])") +} +set_latest_fts_version ${DEFAULT_PYPI_URL} FTS_VENV="${HOME}/fts.venv" @@ -95,7 +102,9 @@ Available options: -h, --help Print help -v, --verbose Print script debug info --c, --check Check for compatibility issues while installing +-c, --check Check for compatibility issues while installing [DEFAULT 'os'], may be repeated + --no-check Suppress check for compatibility issues while installing, may be repeated +-w, --warn Convert errors into warnings --core Install FreeTAKServer, UI, and Web Map --latest [DEFAULT] Install latest version (v$LATEST_FTS_VERSION) -s, --stable Install latest stable version (v$STABLE_FTS_VERSION) @@ -104,7 +113,14 @@ Available options: --branch Use specified ZT Installer repository branch [DEFAULT main] --dev-test Sets TEST Envar to 1 --dry-run Sets up dependencies but exits before running any playbooks - --ip-addr Explicitly set IP address (when http://ifconfig.me/ip is wrong) + --ip-addr Explicitly set IP address (when https://ifconfig.me/ip is wrong) + --pypi Explicitly set the URL for PYPI repository (e.g. https://test.pypi.org) + +The supported checks are: +- root is the install being run under root authority +- os is a recommended operating system being used +- arch is this a supported hardware architecture + USAGE_TEXT exit } @@ -145,13 +161,31 @@ function die() { } +############################################################################### +# If the situation is dire then panic. +############################################################################### +function panic() { + + if [[ "${WARN_LEVEL:-0}" -eq 1 ]]; then + echo $1 + else + die $@ + fi +} + ############################################################################### # Parse parameters ############################################################################### + +WARN_LEVEL=0 +CHECK_OS=1 +CHECK_ROOT=0 +CHECK_ARCH=0 + function parse_params() { - # The default 'apt verbosity' is verbose. Set it to quiet, since that's what our script assumes - # unset this later if we want verbosity + # The default 'apt verbosity' is verbose. + # Set it to quiet, since that's what our script assumes unset this later if we want verbosity APT_VERBOSITY="-qq" while true; do @@ -178,7 +212,43 @@ function parse_params() { ;; --check | -c) - CHECK=1 + case "${2-}" in + 'os') + CHECK_OS=1 + ;; + 'root') + CHECK_ROOT=1 + ;; + 'arch') + CHECK_ARCH=1 + ;; + *) + echo "Invalid check type: $2" + ;; + esac + shift 2 + ;; + + --no-check) + case "${2-}" in + 'os') + CHECK_OS=0 + ;; + 'root') + CHECK_ROOT=0 + ;; + 'arch') + CHECK_ARCH=0 + ;; + *) + echo "Invalid check type: $2" + ;; + esac + shift 2 + ;; + + --warn | -w) + WARN_LEVEL=1 shift ;; @@ -245,13 +315,24 @@ function parse_params() { echo "Using the IP of ${FTS_IP_CUSTOM}" ;; + --pypi) + # PIP_EXTRA_INDEX_URL is special. + # If after pip checks the primary index-url; + # it does not find the source, + # it will check the extra-index.url repositories. + export PIP_EXTRA_INDEX_URL=$2 + shift 2 + echo "Using the extra pypi URL of ${PIP_EXTRA_INDEX_URL}" + set_latest_fts_version ${PIP_EXTRA_INDEX_URL} + ;; + --no-color) NO_COLOR=1 shift ;; -?*) - die "ERROR: unknown option $1" + panic "ERROR: unknown option $1" ;; *) @@ -294,7 +375,7 @@ function set_versions() { export CODENAME=$STABLE_CODENAME_REQD ;; *) - die "Unsupport install type: $INSTALL_TYPE" + panic "Unsupported install type: $INSTALL_TYPE" ;; esac @@ -304,17 +385,18 @@ function set_versions() { ############################################################################### function do_checks() { - check_root + if [[ "${CHECK_ROOT:-0}" -eq 1 ]]; then + check_root + fi - if [[ -n "${CHECK-}" ]]; then + if [[ "${CHECK_OS:-0}" -eq 1 ]]; then check_os - # check_architecture else WEBMAP_FORCE_INSTALL="webmap_force_install=true" fi - if [[ -n "${TEST-}" ]]; then - REPO="https://github.com/janseptaugust/FreeTAKHub-Installation.git" + if [[ "${CHECK_ARCH:-0}" -eq 1 ]]; then + check_architecture fi } @@ -330,7 +412,7 @@ function check_root() { if [[ "$EUID" -ne 0 ]]; then echo -e "${RED}ERROR${NOFORMAT}" - die "This script requires running as root. Use sudo before the command." + panic "This script requires running as root. Use sudo before the command." else @@ -346,7 +428,7 @@ function check_os() { which apt-get >/dev/null if [[ $? -ne 0 ]]; then - die "Could not locate apt... this installation method will not work" + panic "Could not locate apt... this installation method will not work" fi echo -e -n "${BLUE}Checking for supported OS...${NOFORMAT}" @@ -407,7 +489,7 @@ function check_os() { # Check user input to proceed or not. if [[ "${PROCEED}" != "y" ]]; then - die "Answer was not y. Not proceeding." + panic "Answer was not y. Not proceeding." else echo -e "${GREEN}Proceeding...${NOFORMAT}" fi @@ -611,7 +693,9 @@ function run_playbook() { env_vars="python3_version=$PY3_VER codename=$CODENAME itype=$INSTALL_TYPE" env_vars="$env_vars fts_version=$FTS_VERSION cfg_rpath=$CFG_RPATH fts_venv=${FTS_VENV}" [[ -n "${FTS_IP_CUSTOM:-}" ]] && env_vars="$env_vars fts_ip_addr_extra=$FTS_IP_CUSTOM" + [[ -n "${PYPI_URL:-}" ]] && env_vars="$env_vars pypi_url=$PYPI_URL" [[ -n "${WEBMAP_FORCE_INSTALL:-}" ]] && env_vars="$env_vars $WEBMAP_FORCE_INSTALL" + [[ -n "${CORE:-}" ]] && pb=install_mainserver || pb=install_all echo -e "${BLUE}Running Ansible Playbook ${GREEN}$pb${BLUE}...${NOFORMAT}" ansible-playbook -u root ${pb}.yml \ @@ -634,8 +718,8 @@ function cleanup() { setup_colors parse_params "${@}" set_versions -check_os -# do_checks + +do_checks download_dependencies [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]] && install_python_environment handle_git_repository From 74a2fe1c7b63a678d916f3d7c781973a83c49bb8 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:06:24 +0000 Subject: [PATCH 02/80] ignore apt so files and merge error files --- .gitignore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitignore b/.gitignore index ef04c89..9299170 100644 --- a/.gitignore +++ b/.gitignore @@ -72,3 +72,9 @@ ansible.cfg /.vagrant/* /.byebug_history /docs/DEV.md + +apt_inst.so +apt_pkg.so + +git-error-* + From 6b01b866930dd86b739b41f3f1089a2b0000b93a Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:13:19 +0000 Subject: [PATCH 03/80] enabled devcontainer --- .devcontainer/Dockerfile | 4 +++ .devcontainer/devcontainer.json | 51 +++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 .devcontainer/Dockerfile create mode 100644 .devcontainer/devcontainer.json diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile new file mode 100644 index 0000000..be33501 --- /dev/null +++ b/.devcontainer/Dockerfile @@ -0,0 +1,4 @@ +FROM mcr.microsoft.com/devcontainers/base:ubuntu-22.04 +RUN apt-get update \ + && apt-get install -y python3 python3-pip \ + && pip3 install --upgrade pip diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..3d5c004 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,51 @@ +// For format details, see https://aka.ms/devcontainer.json. +// For config options, see the README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu +{ + "name": "FTS-Install", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "build": { + // Path is relative to the devcontainer.json file. + "dockerfile": "Dockerfile", + "context": "." + }, + + // Features to add to the dev container. ore info: https://containers.dev/features. + "features": { + "ghcr.io/devcontainers/features/common-utils:2": { + "installZsh": "true", + "username": "vscode", + "userUid": "1000", + "userGid": "1000", + "upgradePackages": "true" + }, + "ghcr.io/devcontainers/features/git:1": { + "version": "latest", + "ppa": "false" + } + }, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "uname -a", + + // Configure tool-specific properties. + "customizations" : { + "jetbrains" : { + "backend" : "IntelliJ" + } + }, + "runArgs": [ + "--net", "host", + "-e", "DISPLAY=:0", + "-e", "XAUTHORITY=/tmp/.Xauthority", + "-v", "${localEnv:HOME}/.Xauthority:/tmp/.Xauthority" + ], + "containerEnv": { + "DISPLAY": "unix:0" + }, + + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" + } \ No newline at end of file From eb73b1557b9b4bbfd65ccefe51f420d64587df95 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:34:44 +0000 Subject: [PATCH 04/80] use more current version of nodejs update the versions for node-red-contrib-web-worldmap node-red version update --- roles/nodered/defaults/main.yml | 3 +-- roles/nodered/vars/Ubuntu.yml | 2 +- scripts/easy_install.sh | 11 +++++++++++ 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index bd0ae7a..6bd4cae 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -28,8 +28,7 @@ noderedserver_port: 1880 nodered_npm_packages: - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap@4.8.0 - + - node-red-contrib-web-worldmap@5.0.2 nodered_nodes: - node-red-contrib-config - node-red-dashboard diff --git a/roles/nodered/vars/Ubuntu.yml b/roles/nodered/vars/Ubuntu.yml index 5483efc..0c0b891 100644 --- a/roles/nodered/vars/Ubuntu.yml +++ b/roles/nodered/vars/Ubuntu.yml @@ -5,4 +5,4 @@ nodered_apt_dependencies: - npm - nodejs -unit_files_location: /etc/systemd/system \ No newline at end of file +unit_files_location: /etc/systemd/system diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 7c96379..a3b2172 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -611,6 +611,17 @@ function install_python_environment() { deactivate } + +############################################################################### +# The latest version of node-red needs a current version of nodejs. +# The https://www.npmjs.com/package/n package can be used to manage nodejs versions. +# curl -L https://bit.ly/n-install | bash +# see https://github.com/dceejay/RedMap/blob/master/package.json for the dependencies. +############################################################################### +function install_nodejs_environment() { + sudo npm install -g n + sudo n 18.20.4 +} ############################################################################### # Handle git repository ############################################################################### From 00735d924301d0d5c972c3997e206fd8df7ac968 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:37:20 +0000 Subject: [PATCH 05/80] invoke the nodejs environment function --- scripts/easy_install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index a3b2172..9a1a643 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -622,6 +622,7 @@ function install_nodejs_environment() { sudo npm install -g n sudo n 18.20.4 } + ############################################################################### # Handle git repository ############################################################################### @@ -732,6 +733,8 @@ set_versions do_checks download_dependencies +install_nodejs_environment + [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]] && install_python_environment handle_git_repository add_passwordless_ansible_execution From b457749b514f61fcf1b61ca9b0a04b8f15dd966e Mon Sep 17 00:00:00 2001 From: Az Builds Date: Thu, 7 Mar 2024 11:37:01 -0500 Subject: [PATCH 06/80] Update example-compose ui definition --- containers/compose.yaml | 43 --------------------------------- containers/example-compose.yaml | 19 ++++++++++++--- 2 files changed, 16 insertions(+), 46 deletions(-) delete mode 100644 containers/compose.yaml diff --git a/containers/compose.yaml b/containers/compose.yaml deleted file mode 100644 index 7cd58b2..0000000 --- a/containers/compose.yaml +++ /dev/null @@ -1,43 +0,0 @@ -services: - fts: - image: freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - #- 9000:9000 - # APIPort - Don't expose by default - #- 19023:19023 - volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" - - ftsui: - image: freetakserver-ui:latest - pull_policy: build - build: - context: . - dockerfile: ui-pypi.Dockerfile - ports: - # Web interface port - - 5000:5000 - # API Port - probably don't need to expose if UI and Core are on same container network - #- 19023:19023 - volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 4588c8a..fdfc583 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -27,7 +27,7 @@ services: - ./base-config/:/opt/fts/:rw,Z network_mode: "host" - ftsui: + free-tak-server-ui: image: ghcr.io/freetakteam/ui:latest ports: # Web interface port @@ -35,5 +35,18 @@ services: # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/data/ + environment: + FTS_IP: 'free-tak-server' + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'free-tak-server-ui' + FTS_MAP_EXPOSED_IP: 'free-tak-server-ui' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' +volumes: + free-tak-ui-db: From 56ad58260d75e3f699d9c5a94337a24ad5edaf13 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 24 Mar 2024 10:52:49 -0400 Subject: [PATCH 07/80] Added volume version of yaml file Removed other files that are no longer necessary --- containers/core-pypi.Dockerfile | 27 --------- containers/core-run.sh | 29 ---------- containers/example-compose.yaml | 97 ++++++++++++++++++++++----------- containers/ui-pypi.Dockerfile | 27 --------- containers/ui-run.sh | 30 ---------- 5 files changed, 66 insertions(+), 144 deletions(-) delete mode 100644 containers/core-pypi.Dockerfile delete mode 100755 containers/core-run.sh delete mode 100644 containers/ui-pypi.Dockerfile delete mode 100755 containers/ui-run.sh diff --git a/containers/core-pypi.Dockerfile b/containers/core-pypi.Dockerfile deleted file mode 100644 index acf61d9..0000000 --- a/containers/core-pypi.Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -# Work in process -FROM python:3.11 - -# don't use root, let's not have FTS be used as a priv escalation in the wild -RUN groupadd -r freetak && useradd -m -r -g freetak freetak -RUN mkdir /opt/fts ; chown -R freetak:freetak /opt/fts ; chmod 775 /opt/fts ; chmod a+w /var/log - -USER freetak -WORKDIR /home/freetak -COPY --chown=freetak:freetak --chmod=774 core-run.sh ./ - -# This needs the trailing slash -ENV FTS_DATA_PATH = "/opt/fts/" - -# Install pre-reqs then the base FTS -# ruamel.yaml is very ornery and has to be force-reinstalled alone until the pip deps are updated -ENV PATH /home/freetak/.local/bin:$PATH -RUN pip install --upgrade pip ; pip install --force-reinstall "ruamel.yaml<0.18" -RUN pip install FreeTAKServer - -# Provide a way to edit the configuration from outside the container -# May need to be updated if the base image changes -RUN cp $(python -m site --user-site)/FreeTAKServer/core/configuration/MainConfig.py $(python -m site --user-site)/FreeTAKServer/core/configuration/MainConfig.bak - -VOLUME /opt/fts - -CMD [ "/home/freetak/core-run.sh" ] diff --git a/containers/core-run.sh b/containers/core-run.sh deleted file mode 100755 index b54941c..0000000 --- a/containers/core-run.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -PYTHON_USER_SITE=$(python -m site --user-site) -# Detect and navigate to the python user site packages -# Some systems use `python3` instead of `python` so this is not entirely portable -cd "${PYTHON_USER_SITE}/FreeTAKServer/" || raise error "Could not navigate to the user-sites path. Are you using a distro that requires python3 instead of python?" - -# Sharing for MainConfig.py -if [[ ! -f "/opt/fts/MainConfig.py" ]] - then - cp ${PYTHON_USER_SITE}/FreeTAKServer/core/configuration/MainConfig.bak /opt/fts/MainConfig.py -fi -if [[ ! -f "${PYTHON_USER_SITE}/FreeTAKServer/core/configuration/MainConfig.py" ]] - then - if [[ ! -f "/opt/fts/MainConfig.py" ]] - then - echo "MainConfig.py is missing from the expected volume!" - else - ln -s /opt/fts/MainConfig.py "${PYTHON_USER_SITE}/FreeTAKServer/core/configuration/MainConfig.py" - fi -fi - -# Sharing for FTSConfig.yaml -if [[ ! -f "/opt/fts/FTSConfig.yaml" ]] - then - python -c "from FreeTAKServer.core.configuration.configuration_wizard import autogenerate_config; autogenerate_config()" -fi - -python -m FreeTAKServer.controllers.services.FTS diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index fdfc583..3f44de4 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,41 +1,74 @@ services: - fts: - image: ghcr.io/freetakteam/freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 + freetakserver: + image: freetakserver:latest volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + #- 9000:9000 + # APIPort - Don't expose by default + #- 19023:19023 + + environment: + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "password" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + FTS_NODE_ID: "fl5m8j5txlgdtfv8wi96zf8tt0howddo" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 + FTS_API_ADDRESS: 0.0.0.0 + + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 127.0.0.1 + + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 127.0.0.1 + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 127.0.0.1 + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 127.0.0.1 # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 127.0.0.1 # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" free-tak-server-ui: - image: ghcr.io/freetakteam/ui:latest + image: freetakserver-ui:latest ports: - # Web interface port - 5000:5000 - # API Port - you probably don't need to expose if UI and Core are on same container network - #- 19023:19023 volumes: - - free-tak-ui-db:/home/freetak/data/ + - free-tak-ui-db:/home/freetak/data/ environment: FTS_IP: 'free-tak-server' FTS_API_PORT: 19023 @@ -48,5 +81,7 @@ services: FTS_UI_WSKEY: 'YourWebsocketKey' FTS_API_KEY: 'Bearer token' FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + volumes: + free-tak-core-db: free-tak-ui-db: diff --git a/containers/ui-pypi.Dockerfile b/containers/ui-pypi.Dockerfile deleted file mode 100644 index d36b179..0000000 --- a/containers/ui-pypi.Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -FROM python:3.11 - -RUN groupadd -r freetak && useradd -m -r -g freetak freetak - -RUN mkdir -p /home/freetak/data && chown -R freetak:freetak /home/freetak/data && chmod 777 -R /home/freetak/data && chmod g+s /home/freetak/data - -# Link /opt to home data, as default configs put the db in /opt -RUN ln -s /opt/ /home/freetak/data/ - -USER freetak -WORKDIR /home/freetak/data - -# Install pre-reqs then the base FTS -ENV PATH /home/freetak/.local/bin:/home/freetak/.local/lib:$PATH - -# flask_cors is missing from the pip imports, so install it manually -RUN pip install "flask_cors" -RUN pip install FreeTAKServer-UI - -# Provide a way to edit the configuration from outside the container -RUN mv $(python -m site --user-site)/FreeTAKServer-UI/config.py $(python -m site --user-site)/FreeTAKServer-UI/config.bak - -WORKDIR /home/freetak -COPY --chown=freetak:freetak --chmod=774 ui-run.sh ./ - -VOLUME /home/freetak/data -CMD ["/home/freetak/ui-run.sh"] diff --git a/containers/ui-run.sh b/containers/ui-run.sh deleted file mode 100755 index a39ca87..0000000 --- a/containers/ui-run.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -PYTHON_USER_SITE=$(python -m site --user-site) -# Detect and navigate to the python user site packages -# Some systems use `python3` instead of `python` so this is not entirely portable -cd "${PYTHON_USER_SITE}/FreeTAKServer-UI/" || raise error "Could not navigate to the user-sites path. Are you using a distro that requires python3 instead of python?" - -# Check if there is *NOT* a config.py in the shared volume -if [[ ! -f "/home/freetak/data/config.py" ]] - then - # If there isn't, then we need to give one to the user - cp ${PYTHON_USER_SITE}/FreeTAKServer-UI/config.bak /home/freetak/data/config.py -fi - -# If the symlink has not been created yet, then we will do that -if [[ ! -f "${PYTHON_USER_SITE}/FreeTAKServer-UI/config.py" ]] - then - ln -s /home/freetak/data/config.py ${PYTHON_USER_SITE}/FreeTAKServer-UI/config.py -fi - -# TODO This can be implemented once the FTS-UI has an SSL operation mode -# Check if SSL certificates in the shared volumes exists -#if -n compgen -G "/home/freetak/data/*.crt" > /dev/null || compgen -G "/home/freetak/data/*.key" > /dev/null -# then - # generate some certs -# openssl req -x509 -newkey rsa:4096 -keyout autgenerated-key.pem -out autogenerated-cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=Unknown/L=Unknown/O=FreeTAKServer/OU=FTS-UI/CN=localhost" -#fi - -# Now we can start the server -python run.py From 2c2982cee19ee0aa021c272ef7d8110118f451bd Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 24 Mar 2024 11:01:10 -0400 Subject: [PATCH 08/80] Updated readme documentation --- containers/container_readme.md | 51 +++++++++++++++++----------------- 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/containers/container_readme.md b/containers/container_readme.md index a16145d..5b886c1 100644 --- a/containers/container_readme.md +++ b/containers/container_readme.md @@ -1,35 +1,36 @@ # Containers ## Full Documentation -WIP +**WIP** + For full instructions see: https://freetakteam.github.io/FreeTAKServer-User-Docs/Installation/Docker/overview/ -WIP + +**WIP** ## Podman These containers were designed under the podman runtime, and are fully compatible with being run as rootless. -If you are familiar with container infrastructure, you can simply copy this entire directory and modify the compose.yaml -to fit your needs. - -## Quick Instructions - -For podman: -```shell -podman-compose up -``` - -or if you use non-free runtime: -```shell -docker-compose up -``` +## Docker +These containers are likely to work perfectly well in docker. -Then refer to other FTS documentation to do appropriate configuration. +Please consider running rootless for extra security. -All config files you need should be created in the volume, so it is a good idea to create a mounted volume instead of a -standard volume. - -If you are missing any/all configuration files, ensure: - - Restart container to trigger copy script again - - Permissions are sufficient for the container to use the volume directory - - On selinux hosts, sticky bit may need to be set - - Also on selinux, you may need to reload the labels/contexts +## Quick Instructions +1. Copy the [`example-compose.yaml`](https://github.com/FreeTAKTeam/FreeTAKHub-Installation/blob/main/containers/example-compose.yaml) +file to your favorite directory. +2. Rename it to compose.yaml +3. Run the command + + For podman: + ```shell + podman-compose up + ``` + + For non-free runtime: + + ```shell + docker-compose up + ``` + +4. Then refer to other FTS documentation to do appropriate configuration using the environment variables exposed in the +compose file. From e5fa925e0707cc98bc3f46c497fc0e633f1acb01 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 09/80] Docker: Add env vars to compose files --- containers/compose.yaml | 71 ++++++++++++++++++++++ containers/example-compose.yaml | 102 +++++++++++++------------------- 2 files changed, 111 insertions(+), 62 deletions(-) create mode 100644 containers/compose.yaml diff --git a/containers/compose.yaml b/containers/compose.yaml new file mode 100644 index 0000000..425569b --- /dev/null +++ b/containers/compose.yaml @@ -0,0 +1,71 @@ +services: + fts: + image: freetakserver:latest + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + #- 9000:9000 + # APIPort - Don't expose by default + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" + environment: + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" + + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 + + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + + ftsui: + image: freetakserver-ui:latest + pull_policy: build + build: + context: . + dockerfile: ui-pypi.Dockerfile + ports: + # Web interface port + - 5000:5000 + # API Port - probably don't need to expose if UI and Core are on same container network + #- 19023:19023 + volumes: + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" + environment: + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_MAP_EXPOSED_IP: '127.0.0.1' + diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 3f44de4..b526dad 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -12,76 +12,54 @@ services: - 8089:8089 # SSLDataPackagePort - 8443:8443 - # FederationPort + # FederationPort - Don't expose unless you are trying to federate #- 9000:9000 - # APIPort - Don't expose by default + # APIPort - Don't expose unless you host UI and server on separate container networks #- 19023:19023 - + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "password" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - FTS_NODE_ID: "fl5m8j5txlgdtfv8wi96zf8tt0howddo" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 - FTS_API_ADDRESS: 0.0.0.0 - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 127.0.0.1 + # Change from default if needed + # FTS_FED_PASSWORD: "defaultpass" + # FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 127.0.0.1 + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 127.0.0.1 + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 127.0.0.1 # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 127.0.0.1 # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" - - free-tak-server-ui: - image: freetakserver-ui:latest + fts-ui: + image: ghcr.io/freetakteam/ui:latest ports: + # Web interface port - 5000:5000 + # API Port - you probably don't need to expose if UI and Core are on same container network + #- 19023:19023 volumes: - - free-tak-ui-db:/home/freetak/data/ + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: 'free-tak-server' - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'free-tak-server-ui' - FTS_MAP_EXPOSED_IP: 'free-tak-server-ui' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_MAP_EXPOSED_IP: '127.0.0.1' + -volumes: - free-tak-core-db: - free-tak-ui-db: From 5bb989be46d75af47f3c2c3f2a68109f5f58c93a Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 10/80] Update compose files so that containers can find each other --- containers/devel-compose.yaml | 101 +++++++++++++++++++++++++++++ containers/example-compose.yaml | 110 +++++++++++++++++++++----------- 2 files changed, 174 insertions(+), 37 deletions(-) create mode 100644 containers/devel-compose.yaml diff --git a/containers/devel-compose.yaml b/containers/devel-compose.yaml new file mode 100644 index 0000000..1d97033 --- /dev/null +++ b/containers/devel-compose.yaml @@ -0,0 +1,101 @@ +services: + freetakserver: + # if you want a specific branch, change master to your branch name + image: ghcr.io/freetakteam/freetakserver:master + hostname: freetakserver + networks: + - taknet + volumes: + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + + environment: + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' + + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" + + freetakserver-ui: + # if you want a specific branch, change master to your branch name + #image: ghcr.io/freetakteam/ui:master + image: localhost/freetakserver-ui:latest + hostname: freetakserver-ui + networks: + - taknet + ports: + - 5000:5000 + volumes: + - free-tak-ui-db:/home/freetak/:Z,rw + environment: + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' + FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + +volumes: + free-tak-core-db: + free-tak-ui-db: + +networks: + taknet: + driver: bridge diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index b526dad..03ea88c 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,6 +1,9 @@ services: freetakserver: - image: freetakserver:latest + image: ghcr.io/freetakteam/freetakserver:latest + hostname: freetakserver + networks: + - taknet volumes: - free-tak-core-db:/opt/fts/ ports: @@ -12,54 +15,87 @@ services: - 8089:8089 # SSLDataPackagePort - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 - volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + environment: - # Change from default if needed - # FTS_FED_PASSWORD: "defaultpass" - # FTS_CLIENT_CERT_PASSWORD: "password" + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' + + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" - fts-ui: + freetakserver-ui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: # Web interface port - 5000:5000 # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' +volumes: + free-tak-core-db: + free-tak-ui-db: +networks: + taknet: + driver: bridge From e449d23b5d495381ffe8a21e25643d9bb414a63c Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 11/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 113 ++++++++++++-------------------- 1 file changed, 41 insertions(+), 72 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 03ea88c..71fa351 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -7,67 +7,49 @@ services: volumes: - free-tak-core-db:/opt/fts/ ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - freetakserver-ui: + ftsui: image: ghcr.io/freetakteam/ui:latest hostname: freetakserver-ui networks: @@ -78,24 +60,11 @@ services: # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: -networks: - taknet: - driver: bridge From d79b71158acce10259443069b1acd8e5a18bbe9a Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 12/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 71fa351..92f2af1 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: # Web interface port - 5000:5000 From f7597aed484de7767ce5eb3b873462756efab2e8 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 13/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 92f2af1..b2d9222 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,17 +51,20 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: # Web interface port - 5000:5000 # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 79a592cb7f45d8b302a765ce42818b1935916e64 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 14/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index b2d9222..71fa351 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -60,11 +60,11 @@ services: # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' From be091514a9261f5ef5e7f1d301445b30b88ebd85 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 15/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 84 ++++++++++++++++++--------------- 1 file changed, 45 insertions(+), 39 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 71fa351..070c816 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -7,64 +7,70 @@ services: volumes: - free-tak-core-db:/opt/fts/ ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared - ./base-config/:/opt/fts/:rw,Z network_mode: "host" environment: - # Change from default if needed - #FTS_FED_PASSWORD: "defaultpass" - #FTS_CLIENT_CERT_PASSWORD: "password" + # Change from default if needed + # FTS_FED_PASSWORD: "defaultpass" + # FTS_CLIENT_CERT_PASSWORD: "password" - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - ftsui: + fts-ui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: + # Web interface port # Web interface port - 5000:5000 # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 + # API Port - you probably don't need to expose if UI and Core are on same container network + #- 19023:19023 volumes: - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" + - ./ui-config:/home/freetak/data:rw,Z network_mode: "host" environment: + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' # Change the following 3 lines to the FTS external IP FTS_IP: '127.0.0.1' FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + From 63c2619ef528d986de6f3506bb06fb5d57a2fb47 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 16/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 95 ++++++++++++++++++++++----------- 1 file changed, 64 insertions(+), 31 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 070c816..ae38583 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -15,42 +15,63 @@ services: - 8089:8089 # SSLDataPackagePort - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 - volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + environment: - # Change from default if needed - # FTS_FED_PASSWORD: "defaultpass" - # FTS_CLIENT_CERT_PASSWORD: "password" + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' - fts-ui: + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" + + freetakserver-ui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: # Web interface port # Web interface port @@ -72,5 +93,17 @@ services: FTS_IP: '127.0.0.1' FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' +volumes: + free-tak-core-db: + free-tak-ui-db: +networks: + taknet: + driver: bridge From f5438b52dad3598179b148c24d48e264ddb55e80 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 17/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 109 -------------------------------- 1 file changed, 109 deletions(-) delete mode 100644 containers/example-compose.yaml diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml deleted file mode 100644 index ae38583..0000000 --- a/containers/example-compose.yaml +++ /dev/null @@ -1,109 +0,0 @@ -services: - freetakserver: - image: ghcr.io/freetakteam/freetakserver:latest - hostname: freetakserver - networks: - - taknet - volumes: - - free-tak-core-db:/opt/fts/ - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - - environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' - - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' - - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" - - freetakserver-ui: - image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet - ports: - # Web interface port - # Web interface port - - 5000:5000 - # API Port - you probably don't need to expose if UI and Core are on same container network - #- 19023:19023 - # API Port - you probably don't need to expose if UI and Core are on same container network - #- 19023:19023 - volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" - environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' - FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: - -networks: - taknet: - driver: bridge From c282e5fad3f77d89e55528fb0e8fc6f7d99db540 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 18/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 101 ++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 containers/example-compose.yaml diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml new file mode 100644 index 0000000..03ea88c --- /dev/null +++ b/containers/example-compose.yaml @@ -0,0 +1,101 @@ +services: + freetakserver: + image: ghcr.io/freetakteam/freetakserver:latest + hostname: freetakserver + networks: + - taknet + volumes: + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + + environment: + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' + + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" + + freetakserver-ui: + image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet + ports: + # Web interface port + - 5000:5000 + # API Port - you probably don't need to expose if UI and Core are on same container network + #- 19023:19023 + volumes: + - free-tak-ui-db:/home/freetak/:Z,rw + environment: + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' + FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + +volumes: + free-tak-core-db: + free-tak-ui-db: + +networks: + taknet: + driver: bridge From d9015d7a6ef1d1ebe5f94f8b30b86c2ed7dbaa53 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 19/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 128 ++++++++++++-------------------- 1 file changed, 47 insertions(+), 81 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 03ea88c..8339e4c 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,101 +1,67 @@ services: - freetakserver: + fts: image: ghcr.io/freetakteam/freetakserver:latest - hostname: freetakserver - networks: - - taknet - volumes: - - free-tak-core-db:/opt/fts/ + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' - - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - freetakserver-ui: + ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: # Web interface port - 5000:5000 # API Port - you probably don't need to expose if UI and Core are on same container network #- 19023:19023 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: -networks: - taknet: - driver: bridge From cbfca2d1a8f6a2269c563c45010456cd285efe19 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 20/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 8339e4c..4495566 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,6 +51,9 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: # Web interface port - 5000:5000 @@ -65,3 +68,7 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + +networks: + taknet: + driver: bridge From 55d30072031fdc17026a217f5c022cb11b9abcb6 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 21/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 4495566..8339e4c 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: # Web interface port - 5000:5000 @@ -68,7 +65,3 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - -networks: - taknet: - driver: bridge From 122bb37935f076330c0b8c569a8a7635eaad9c30 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 22/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 131 ++++++++++++++++++++------------ 1 file changed, 81 insertions(+), 50 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 8339e4c..8301099 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,67 +1,98 @@ services: - fts: + freetakserver: image: ghcr.io/freetakteam/freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 + hostname: freetakserver + networks: + - taknet volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + environment: - # Change from default if needed - #FTS_FED_PASSWORD: "defaultpass" - #FTS_CLIENT_CERT_PASSWORD: "password" + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" - ftsui: + freetakserver-ui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - # Web interface port - 5000:5000 - # API Port - you probably don't need to expose if UI and Core are on same container network - #- 19023:19023 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + +volumes: + free-tak-core-db: + free-tak-ui-db: +networks: + taknet: + driver: bridge From d490e14ffc4ccaa21b38ecc28e119a53ad4b1036 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 23/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 113 ++++++++++++-------------------- 1 file changed, 41 insertions(+), 72 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 8301099..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -7,67 +7,49 @@ services: volumes: - free-tak-core-db:/opt/fts/ ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - freetakserver-ui: + ftsui: image: ghcr.io/freetakteam/ui:latest hostname: freetakserver-ui networks: @@ -75,24 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: -networks: - taknet: - driver: bridge From 05eeb0ec1c0c274181a0df5e92e53a834ed2b659 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 24/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..2dafe35 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From a8e637fbfc1c6e9b88654e841dd50dc16143628b Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 25/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 2dafe35..167196f 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,14 +51,17 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 0fc465720e51414a5e0a927935ccedcf7ef67d60 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 26/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 167196f..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -57,11 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 679acf81a11abfa4d35407f672d963c1729cb07b Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 27/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..6e2cfca 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,11 +1,11 @@ services: - freetakserver: + fts: image: ghcr.io/freetakteam/freetakserver:latest - hostname: freetakserver - networks: - - taknet - volumes: - - free-tak-core-db:/opt/fts/ + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile ports: # DataPackagePort - 8080:8080 @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From b60c23b8118e68fafd632a7a243251602b0c5b58 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 28/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 6e2cfca..97d393e 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,6 +51,9 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: @@ -62,3 +65,7 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + +networks: + taknet: + driver: bridge From f488123130a706c9e997b99ec181d903ed18082c Mon Sep 17 00:00:00 2001 From: Fred Eisele Date: Tue, 14 May 2024 11:50:04 -0500 Subject: [PATCH 29/80] update --check logic and nodered version compatibility --- roles/nodered/defaults/main.yml | 4 +- scripts/easy_install.sh | 120 +++++++++++++++++++++++++++----- 2 files changed, 104 insertions(+), 20 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 03ecdaf..bd0ae7a 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -26,9 +26,9 @@ noderedserver_ipv4: 0.0.0.0 noderedserver_port: 1880 nodered_npm_packages: - - node-red@v2-maintenance + - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap + - node-red-contrib-web-worldmap@4.8.0 nodered_nodes: - node-red-contrib-config diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 9dded64..7c96379 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -24,6 +24,9 @@ DEFAULT_BRANCH="main" BRANCH=${BRANCH:-$DEFAULT_BRANCH} CBRANCH=${CBRANCH:-} +DEFAULT_PYPI_URL="https://pypi.org" +TEST_PYPI_URL="https://test.pypi.org" + STABLE_OS_REQD="Ubuntu" STABLE_OS_VER_REQD="22.04" STABLE_CODENAME_REQD="jammy" @@ -40,7 +43,11 @@ PY3_VER_STABLE="3.11" STABLE_FTS_VERSION="2.0.66" LEGACY_FTS_VERSION="1.9.9.6" -LATEST_FTS_VERSION=$(curl -s https://pypi.org/pypi/FreeTAKServer/json | python3 -c "import sys, json; print(json.load(sys.stdin)['info']['version'])") +function set_latest_fts_version() { + local pypi_url=$1 + export LATEST_FTS_VERSION=$(curl -s ${pypi_url}/pypi/FreeTAKServer/json | python3 -c "import sys, json; print(json.load(sys.stdin)['info']['version'])") +} +set_latest_fts_version ${DEFAULT_PYPI_URL} FTS_VENV="${HOME}/fts.venv" @@ -95,7 +102,9 @@ Available options: -h, --help Print help -v, --verbose Print script debug info --c, --check Check for compatibility issues while installing +-c, --check Check for compatibility issues while installing [DEFAULT 'os'], may be repeated + --no-check Suppress check for compatibility issues while installing, may be repeated +-w, --warn Convert errors into warnings --core Install FreeTAKServer, UI, and Web Map --latest [DEFAULT] Install latest version (v$LATEST_FTS_VERSION) -s, --stable Install latest stable version (v$STABLE_FTS_VERSION) @@ -104,7 +113,14 @@ Available options: --branch Use specified ZT Installer repository branch [DEFAULT main] --dev-test Sets TEST Envar to 1 --dry-run Sets up dependencies but exits before running any playbooks - --ip-addr Explicitly set IP address (when http://ifconfig.me/ip is wrong) + --ip-addr Explicitly set IP address (when https://ifconfig.me/ip is wrong) + --pypi Explicitly set the URL for PYPI repository (e.g. https://test.pypi.org) + +The supported checks are: +- root is the install being run under root authority +- os is a recommended operating system being used +- arch is this a supported hardware architecture + USAGE_TEXT exit } @@ -145,13 +161,31 @@ function die() { } +############################################################################### +# If the situation is dire then panic. +############################################################################### +function panic() { + + if [[ "${WARN_LEVEL:-0}" -eq 1 ]]; then + echo $1 + else + die $@ + fi +} + ############################################################################### # Parse parameters ############################################################################### + +WARN_LEVEL=0 +CHECK_OS=1 +CHECK_ROOT=0 +CHECK_ARCH=0 + function parse_params() { - # The default 'apt verbosity' is verbose. Set it to quiet, since that's what our script assumes - # unset this later if we want verbosity + # The default 'apt verbosity' is verbose. + # Set it to quiet, since that's what our script assumes unset this later if we want verbosity APT_VERBOSITY="-qq" while true; do @@ -178,7 +212,43 @@ function parse_params() { ;; --check | -c) - CHECK=1 + case "${2-}" in + 'os') + CHECK_OS=1 + ;; + 'root') + CHECK_ROOT=1 + ;; + 'arch') + CHECK_ARCH=1 + ;; + *) + echo "Invalid check type: $2" + ;; + esac + shift 2 + ;; + + --no-check) + case "${2-}" in + 'os') + CHECK_OS=0 + ;; + 'root') + CHECK_ROOT=0 + ;; + 'arch') + CHECK_ARCH=0 + ;; + *) + echo "Invalid check type: $2" + ;; + esac + shift 2 + ;; + + --warn | -w) + WARN_LEVEL=1 shift ;; @@ -245,13 +315,24 @@ function parse_params() { echo "Using the IP of ${FTS_IP_CUSTOM}" ;; + --pypi) + # PIP_EXTRA_INDEX_URL is special. + # If after pip checks the primary index-url; + # it does not find the source, + # it will check the extra-index.url repositories. + export PIP_EXTRA_INDEX_URL=$2 + shift 2 + echo "Using the extra pypi URL of ${PIP_EXTRA_INDEX_URL}" + set_latest_fts_version ${PIP_EXTRA_INDEX_URL} + ;; + --no-color) NO_COLOR=1 shift ;; -?*) - die "ERROR: unknown option $1" + panic "ERROR: unknown option $1" ;; *) @@ -294,7 +375,7 @@ function set_versions() { export CODENAME=$STABLE_CODENAME_REQD ;; *) - die "Unsupport install type: $INSTALL_TYPE" + panic "Unsupported install type: $INSTALL_TYPE" ;; esac @@ -304,17 +385,18 @@ function set_versions() { ############################################################################### function do_checks() { - check_root + if [[ "${CHECK_ROOT:-0}" -eq 1 ]]; then + check_root + fi - if [[ -n "${CHECK-}" ]]; then + if [[ "${CHECK_OS:-0}" -eq 1 ]]; then check_os - # check_architecture else WEBMAP_FORCE_INSTALL="webmap_force_install=true" fi - if [[ -n "${TEST-}" ]]; then - REPO="https://github.com/janseptaugust/FreeTAKHub-Installation.git" + if [[ "${CHECK_ARCH:-0}" -eq 1 ]]; then + check_architecture fi } @@ -330,7 +412,7 @@ function check_root() { if [[ "$EUID" -ne 0 ]]; then echo -e "${RED}ERROR${NOFORMAT}" - die "This script requires running as root. Use sudo before the command." + panic "This script requires running as root. Use sudo before the command." else @@ -346,7 +428,7 @@ function check_os() { which apt-get >/dev/null if [[ $? -ne 0 ]]; then - die "Could not locate apt... this installation method will not work" + panic "Could not locate apt... this installation method will not work" fi echo -e -n "${BLUE}Checking for supported OS...${NOFORMAT}" @@ -407,7 +489,7 @@ function check_os() { # Check user input to proceed or not. if [[ "${PROCEED}" != "y" ]]; then - die "Answer was not y. Not proceeding." + panic "Answer was not y. Not proceeding." else echo -e "${GREEN}Proceeding...${NOFORMAT}" fi @@ -611,7 +693,9 @@ function run_playbook() { env_vars="python3_version=$PY3_VER codename=$CODENAME itype=$INSTALL_TYPE" env_vars="$env_vars fts_version=$FTS_VERSION cfg_rpath=$CFG_RPATH fts_venv=${FTS_VENV}" [[ -n "${FTS_IP_CUSTOM:-}" ]] && env_vars="$env_vars fts_ip_addr_extra=$FTS_IP_CUSTOM" + [[ -n "${PYPI_URL:-}" ]] && env_vars="$env_vars pypi_url=$PYPI_URL" [[ -n "${WEBMAP_FORCE_INSTALL:-}" ]] && env_vars="$env_vars $WEBMAP_FORCE_INSTALL" + [[ -n "${CORE:-}" ]] && pb=install_mainserver || pb=install_all echo -e "${BLUE}Running Ansible Playbook ${GREEN}$pb${BLUE}...${NOFORMAT}" ansible-playbook -u root ${pb}.yml \ @@ -634,8 +718,8 @@ function cleanup() { setup_colors parse_params "${@}" set_versions -check_os -# do_checks + +do_checks download_dependencies [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]] && install_python_environment handle_git_repository From 25b5071de182b3d131e2d7121312271c96c8383d Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:06:24 +0000 Subject: [PATCH 30/80] ignore apt so files and merge error files --- .gitignore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitignore b/.gitignore index ef04c89..9299170 100644 --- a/.gitignore +++ b/.gitignore @@ -72,3 +72,9 @@ ansible.cfg /.vagrant/* /.byebug_history /docs/DEV.md + +apt_inst.so +apt_pkg.so + +git-error-* + From 26fc64e1e4cc29ea84daeb809e779e51168e5e24 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:13:19 +0000 Subject: [PATCH 31/80] enabled devcontainer --- .devcontainer/Dockerfile | 4 +++ .devcontainer/devcontainer.json | 51 +++++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 .devcontainer/Dockerfile create mode 100644 .devcontainer/devcontainer.json diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile new file mode 100644 index 0000000..be33501 --- /dev/null +++ b/.devcontainer/Dockerfile @@ -0,0 +1,4 @@ +FROM mcr.microsoft.com/devcontainers/base:ubuntu-22.04 +RUN apt-get update \ + && apt-get install -y python3 python3-pip \ + && pip3 install --upgrade pip diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..3d5c004 --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,51 @@ +// For format details, see https://aka.ms/devcontainer.json. +// For config options, see the README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu +{ + "name": "FTS-Install", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "build": { + // Path is relative to the devcontainer.json file. + "dockerfile": "Dockerfile", + "context": "." + }, + + // Features to add to the dev container. ore info: https://containers.dev/features. + "features": { + "ghcr.io/devcontainers/features/common-utils:2": { + "installZsh": "true", + "username": "vscode", + "userUid": "1000", + "userGid": "1000", + "upgradePackages": "true" + }, + "ghcr.io/devcontainers/features/git:1": { + "version": "latest", + "ppa": "false" + } + }, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "uname -a", + + // Configure tool-specific properties. + "customizations" : { + "jetbrains" : { + "backend" : "IntelliJ" + } + }, + "runArgs": [ + "--net", "host", + "-e", "DISPLAY=:0", + "-e", "XAUTHORITY=/tmp/.Xauthority", + "-v", "${localEnv:HOME}/.Xauthority:/tmp/.Xauthority" + ], + "containerEnv": { + "DISPLAY": "unix:0" + }, + + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" + } \ No newline at end of file From e0bcee70b63c6e48fa17ca5d0a0b403235571052 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:34:44 +0000 Subject: [PATCH 32/80] use more current version of nodejs update the versions for node-red-contrib-web-worldmap node-red version update --- roles/nodered/defaults/main.yml | 3 +-- roles/nodered/vars/Ubuntu.yml | 2 +- scripts/easy_install.sh | 11 +++++++++++ 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index bd0ae7a..6bd4cae 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -28,8 +28,7 @@ noderedserver_port: 1880 nodered_npm_packages: - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap@4.8.0 - + - node-red-contrib-web-worldmap@5.0.2 nodered_nodes: - node-red-contrib-config - node-red-dashboard diff --git a/roles/nodered/vars/Ubuntu.yml b/roles/nodered/vars/Ubuntu.yml index 5483efc..0c0b891 100644 --- a/roles/nodered/vars/Ubuntu.yml +++ b/roles/nodered/vars/Ubuntu.yml @@ -5,4 +5,4 @@ nodered_apt_dependencies: - npm - nodejs -unit_files_location: /etc/systemd/system \ No newline at end of file +unit_files_location: /etc/systemd/system diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 7c96379..a3b2172 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -611,6 +611,17 @@ function install_python_environment() { deactivate } + +############################################################################### +# The latest version of node-red needs a current version of nodejs. +# The https://www.npmjs.com/package/n package can be used to manage nodejs versions. +# curl -L https://bit.ly/n-install | bash +# see https://github.com/dceejay/RedMap/blob/master/package.json for the dependencies. +############################################################################### +function install_nodejs_environment() { + sudo npm install -g n + sudo n 18.20.4 +} ############################################################################### # Handle git repository ############################################################################### From 0ec2063baea96f200e82a1e988be2c16aaf132c8 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 14:37:20 +0000 Subject: [PATCH 33/80] invoke the nodejs environment function --- scripts/easy_install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index a3b2172..9a1a643 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -622,6 +622,7 @@ function install_nodejs_environment() { sudo npm install -g n sudo n 18.20.4 } + ############################################################################### # Handle git repository ############################################################################### @@ -732,6 +733,8 @@ set_versions do_checks download_dependencies +install_nodejs_environment + [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]] && install_python_environment handle_git_repository add_passwordless_ansible_execution From 2104692aa84d4f9b42ad82978046d0b06210a81f Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 34/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/compose.yaml | 71 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 containers/compose.yaml diff --git a/containers/compose.yaml b/containers/compose.yaml new file mode 100644 index 0000000..425569b --- /dev/null +++ b/containers/compose.yaml @@ -0,0 +1,71 @@ +services: + fts: + image: freetakserver:latest + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + #- 9000:9000 + # APIPort - Don't expose by default + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" + environment: + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" + + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 + + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True + # number of milliseconds to wait between each iteration of main loop + # decreasing will increase CPU usage and server performance + # increasing will decrease CPU usage and server performance + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + + ftsui: + image: freetakserver-ui:latest + pull_policy: build + build: + context: . + dockerfile: ui-pypi.Dockerfile + ports: + # Web interface port + - 5000:5000 + # API Port - probably don't need to expose if UI and Core are on same container network + #- 19023:19023 + volumes: + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" + environment: + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_MAP_EXPOSED_IP: '127.0.0.1' + From d43fdde0cb73b10c77012344d3010f41ce07eeca Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 35/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 113 ++++++++++++-------------------- 1 file changed, 41 insertions(+), 72 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 8301099..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -7,67 +7,49 @@ services: volumes: - free-tak-core-db:/opt/fts/ ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - freetakserver-ui: + ftsui: image: ghcr.io/freetakteam/ui:latest hostname: freetakserver-ui networks: @@ -75,24 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: -networks: - taknet: - driver: bridge From 4667ddd3422cd913418da5a01245bcafb69c21c6 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 36/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..2dafe35 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From a0503bb6619c1074f9b1f9fb6445e0e58a0c8c03 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 37/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 2dafe35..167196f 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,14 +51,17 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 26708256c914b686e4b4d56b12aff1e5bd58c1e4 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 38/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 167196f..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -57,11 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 45b3657f33184794a43c960246c980d62d1e9610 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 39/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..6e2cfca 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,11 +1,11 @@ services: - freetakserver: + fts: image: ghcr.io/freetakteam/freetakserver:latest - hostname: freetakserver - networks: - - taknet - volumes: - - free-tak-core-db:/opt/fts/ + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile ports: # DataPackagePort - 8080:8080 @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From 5af17111971d50b338df94d6f669e54f3a24b909 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 40/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 6e2cfca..97d393e 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,6 +51,9 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: @@ -62,3 +65,7 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + +networks: + taknet: + driver: bridge From 1c53e68e51b6a833fdf60bf8fe6ee0a5a9b98a0b Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 41/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 97d393e..6e2cfca 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: @@ -65,7 +62,3 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - -networks: - taknet: - driver: bridge From 29f629c1e0005eef9ebae212bbf51445b4cff145 Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 42/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 128 ++++++++++++++++++++------------ 1 file changed, 81 insertions(+), 47 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 6e2cfca..8301099 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,64 +1,98 @@ services: - fts: + freetakserver: image: ghcr.io/freetakteam/freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 + hostname: freetakserver + networks: + - taknet volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + environment: - # Change from default if needed - #FTS_FED_PASSWORD: "defaultpass" - #FTS_CLIENT_CERT_PASSWORD: "password" + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager + + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager + + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" - ftsui: + freetakserver-ui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' + +volumes: + free-tak-core-db: + free-tak-ui-db: +networks: + taknet: + driver: bridge From 7edd977be5fbdebda0281eb9fe07c226919d298e Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 43/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 113 ++++++++++++-------------------- 1 file changed, 41 insertions(+), 72 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 8301099..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -7,67 +7,49 @@ services: volumes: - free-tak-core-db:/opt/fts/ ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - - 9000:9000 - # APIPort - Don't expose by default - - 19023:19023 - + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort - Don't expose unless you are trying to federate + #- 9000:9000 + # APIPort - Don't expose unless you host UI and server on separate container networks + #- 19023:19023 + volumes: + # Confused about the Z at the end? + # on hosts with selinux, you will need this. + # a Z means the volume is not shared + # a z means the volume is shared + - ./base-config/:/opt/fts/:rw,Z + network_mode: "host" environment: - # The ChangeMe section - FTS_FED_PASSWORD: "defaultpass" - FTS_CLIENT_CERT_PASSWORD: "supersecret" - FTS_WEBSOCKET_KEY: "YourWebsocketKey" - FTS_SECRET_KEY: "vnkdjnfjknfl1232#" - #FTS_NODE_ID: "SOMESTRING" - FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" - - # Networking - FTS_COT_PORT: 8087 - FTS_SSLCOT_PORT: 8089 - FTS_API_PORT: 19023 - FTS_FED_PORT: 9000 - - FTS_DP_ADDRESS: 'freetakserver' - FTS_USER_ADDRESS: 'freetakserver' - FTS_API_ADDRESS: 'freetakserver' - - FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 - FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + # Change from default if needed + #FTS_FED_PASSWORD: "defaultpass" + #FTS_CLIENT_CERT_PASSWORD: "password" - FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 - FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + # Change the following 2 lines to the FTS external IP + FTS_DP_ADDRESS: 127.0.0.1 + FTS_USER_ADDRESS: 127.0.0.1 - FTS_ROUTING_PROXY_SERVER_PORT: 19031 - FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' - - FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager - FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - - FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager - FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - - # Misc Settings - FTS_OPTIMIZE_API: True - FTS_DATA_RECEPTION_BUFFER: 1024 - FTS_MAX_RECEPTION_TIME: 4 - FTS_NUM_ROUTING_WORKERS: 3 - FTS_COT_TO_DB: True + # Misc Settings. Uncomment if needed + #FTS_OPTIMIZE_API: True + #FTS_DATA_RECEPTION_BUFFER: 1024 + #FTS_MAX_RECEPTION_TIME: 4 + #FTS_NUM_ROUTING_WORKERS: 3 + #FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - FTS_MAINLOOP_DELAY: 100 - FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - FTS_LOG_LEVEL: "info" + #FTS_MAINLOOP_DELAY: 100 + #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + #FTS_LOG_LEVEL: "error" + #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - freetakserver-ui: + ftsui: image: ghcr.io/freetakteam/ui:latest hostname: freetakserver-ui networks: @@ -75,24 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' - FTS_MAP_PORT: 8000 - FTS_MAP_PROTO: 'http' - FTS_UI_PORT: 5000 - FTS_UI_WSKEY: 'YourWebsocketKey' - FTS_API_KEY: 'Bearer token' - FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' - -volumes: - free-tak-core-db: - free-tak-ui-db: -networks: - taknet: - driver: bridge From 9af9c0e0450528f8188153c066564b43ae5c0673 Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 44/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..2dafe35 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From 13b5313bd234823fb6a5a344eb19e852244fa9fa Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 45/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 2dafe35..167196f 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,14 +51,17 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 1b6299e7273c85b79ea1698983d2ad88e15b7c9f Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 46/80] Docker: Add env vars to compose files --- containers/example-compose.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 167196f..1972f18 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -57,11 +57,11 @@ services: ports: - 5000:5000 volumes: - - free-tak-ui-db:/home/freetak/:Z,rw + - ./ui-config:/home/freetak/data:rw,Z + network_mode: "host" environment: - FTS_IP: YOUR EXTERNAL URL HERE - FTS_API_PORT: 19023 - FTS_API_PROTO: 'http' - FTS_UI_EXPOSED_IP: 'freetakserver-ui' + # Change the following 3 lines to the FTS external IP + FTS_IP: '127.0.0.1' + FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' From 2cd46eb11743faf57e46dc61fb1844643e677c2c Mon Sep 17 00:00:00 2001 From: Stephen Dade Date: Thu, 25 Apr 2024 20:51:30 +1000 Subject: [PATCH 47/80] Docker: Add env vars to compose files # Conflicts: # containers/example-compose.yaml --- containers/example-compose.yaml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 1972f18..6e2cfca 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,11 +1,11 @@ services: - freetakserver: + fts: image: ghcr.io/freetakteam/freetakserver:latest - hostname: freetakserver - networks: - - taknet - volumes: - - free-tak-core-db:/opt/fts/ + pull_policy: build + restart: unless-stopped + build: + context: . + dockerfile: core-pypi.Dockerfile ports: # DataPackagePort - 8080:8080 @@ -51,9 +51,6 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest - hostname: freetakserver-ui - networks: - - taknet ports: - 5000:5000 volumes: From 416fd89585f39e1b1fc4b157513a6c6d3869044e Mon Sep 17 00:00:00 2001 From: Az Builds Date: Sun, 1 Sep 2024 15:36:05 -0400 Subject: [PATCH 48/80] Update compose files so that containers can find each other --- containers/example-compose.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 6e2cfca..97d393e 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -51,6 +51,9 @@ services: ftsui: image: ghcr.io/freetakteam/ui:latest + hostname: freetakserver-ui + networks: + - taknet ports: - 5000:5000 volumes: @@ -62,3 +65,7 @@ services: FTS_UI_EXPOSED_IP: '127.0.0.1' FTS_MAP_EXPOSED_IP: '127.0.0.1' + +networks: + taknet: + driver: bridge From 1a83783afcaa1ae59889031e5370e580cf930ea3 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 11:41:25 -0500 Subject: [PATCH 49/80] match upstream main --- containers/compose.yaml | 71 ------------------- containers/example-compose.yaml | 121 +++++++++++++++++++------------- 2 files changed, 74 insertions(+), 118 deletions(-) delete mode 100644 containers/compose.yaml diff --git a/containers/compose.yaml b/containers/compose.yaml deleted file mode 100644 index 425569b..0000000 --- a/containers/compose.yaml +++ /dev/null @@ -1,71 +0,0 @@ -services: - fts: - image: freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - #- 9000:9000 - # APIPort - Don't expose by default - #- 19023:19023 - volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" - environment: - # Change from default if needed - #FTS_FED_PASSWORD: "defaultpass" - #FTS_CLIENT_CERT_PASSWORD: "password" - - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 - - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True - # number of milliseconds to wait between each iteration of main loop - # decreasing will increase CPU usage and server performance - # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" - - ftsui: - image: freetakserver-ui:latest - pull_policy: build - build: - context: . - dockerfile: ui-pypi.Dockerfile - ports: - # Web interface port - - 5000:5000 - # API Port - probably don't need to expose if UI and Core are on same container network - #- 19023:19023 - volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" - environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' - FTS_MAP_EXPOSED_IP: '127.0.0.1' - diff --git a/containers/example-compose.yaml b/containers/example-compose.yaml index 97d393e..8301099 100644 --- a/containers/example-compose.yaml +++ b/containers/example-compose.yaml @@ -1,55 +1,73 @@ services: - fts: + freetakserver: image: ghcr.io/freetakteam/freetakserver:latest - pull_policy: build - restart: unless-stopped - build: - context: . - dockerfile: core-pypi.Dockerfile - ports: - # DataPackagePort - - 8080:8080 - # CoTPort - - 8087:8087 - # SSLCoTPort - - 8089:8089 - # SSLDataPackagePort - - 8443:8443 - # FederationPort - Don't expose unless you are trying to federate - #- 9000:9000 - # APIPort - Don't expose unless you host UI and server on separate container networks - #- 19023:19023 + hostname: freetakserver + networks: + - taknet volumes: - # Confused about the Z at the end? - # on hosts with selinux, you will need this. - # a Z means the volume is not shared - # a z means the volume is shared - - ./base-config/:/opt/fts/:rw,Z - network_mode: "host" + - free-tak-core-db:/opt/fts/ + ports: + # DataPackagePort + - 8080:8080 + # CoTPort + - 8087:8087 + # SSLCoTPort + - 8089:8089 + # SSLDataPackagePort + - 8443:8443 + # FederationPort + - 9000:9000 + # APIPort - Don't expose by default + - 19023:19023 + environment: - # Change from default if needed - #FTS_FED_PASSWORD: "defaultpass" - #FTS_CLIENT_CERT_PASSWORD: "password" + # The ChangeMe section + FTS_FED_PASSWORD: "defaultpass" + FTS_CLIENT_CERT_PASSWORD: "supersecret" + FTS_WEBSOCKET_KEY: "YourWebsocketKey" + FTS_SECRET_KEY: "vnkdjnfjknfl1232#" + #FTS_NODE_ID: "SOMESTRING" + FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer. The Parrot is not dead. It’s just resting" + + # Networking + FTS_COT_PORT: 8087 + FTS_SSLCOT_PORT: 8089 + FTS_API_PORT: 19023 + FTS_FED_PORT: 9000 + + FTS_DP_ADDRESS: 'freetakserver' + FTS_USER_ADDRESS: 'freetakserver' + FTS_API_ADDRESS: 'freetakserver' + + FTS_ROUTING_PROXY_SUBSCRIBE_PORT: 19030 + FTS_ROUTING_PROXY_SUBSCRIBE_IP: 'freetakserver' + + FTS_ROUTING_PROXY_PUBLISHER_PORT: 19032 + FTS_ROUTING_PROXY_PUBLISHER_IP: 'freetakserver' + + FTS_ROUTING_PROXY_SERVER_PORT: 19031 + FTS_ROUTING_PROXY_SERVER_IP: 'freetakserver' + + FTS_INTEGRATION_MANAGER_PULLER_PORT: 19033 # port to receive worker responses by the integration manager + FTS_INTEGRATION_MANAGER_PULLER_ADDRESS: 'freetakserver' # address to receive worker responses by the integration manager - # Change the following 2 lines to the FTS external IP - FTS_DP_ADDRESS: 127.0.0.1 - FTS_USER_ADDRESS: 127.0.0.1 + FTS_INTEGRATION_MANAGER_PUBLISHER_PORT: 19034 # port from which to publish messages by the integration manager + FTS_INTEGRATION_MANAGER_PUBLISHER_ADDRESS: 'freetakserver' # address from which to publish messages by the integration manager - # Misc Settings. Uncomment if needed - #FTS_OPTIMIZE_API: True - #FTS_DATA_RECEPTION_BUFFER: 1024 - #FTS_MAX_RECEPTION_TIME: 4 - #FTS_NUM_ROUTING_WORKERS: 3 - #FTS_COT_TO_DB: True + # Misc Settings + FTS_OPTIMIZE_API: True + FTS_DATA_RECEPTION_BUFFER: 1024 + FTS_MAX_RECEPTION_TIME: 4 + FTS_NUM_ROUTING_WORKERS: 3 + FTS_COT_TO_DB: True # number of milliseconds to wait between each iteration of main loop # decreasing will increase CPU usage and server performance # increasing will decrease CPU usage and server performance - #FTS_MAINLOOP_DELAY: 100 - #FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it - #FTS_LOG_LEVEL: "error" - #FTS_CONNECTION_MESSAGE: "Welcome to FreeTAKServer" + FTS_MAINLOOP_DELAY: 100 + FTS_EMERGENCY_RADIUS: 0 # radius of emergency within-which users will receive it + FTS_LOG_LEVEL: "info" - ftsui: + freetakserver-ui: image: ghcr.io/freetakteam/ui:latest hostname: freetakserver-ui networks: @@ -57,14 +75,23 @@ services: ports: - 5000:5000 volumes: - - ./ui-config:/home/freetak/data:rw,Z - network_mode: "host" + - free-tak-ui-db:/home/freetak/:Z,rw environment: - # Change the following 3 lines to the FTS external IP - FTS_IP: '127.0.0.1' - FTS_UI_EXPOSED_IP: '127.0.0.1' + FTS_IP: YOUR EXTERNAL URL HERE + FTS_API_PORT: 19023 + FTS_API_PROTO: 'http' + FTS_UI_EXPOSED_IP: 'freetakserver-ui' FTS_MAP_EXPOSED_IP: '127.0.0.1' + FTS_MAP_PORT: 8000 + FTS_MAP_PROTO: 'http' + FTS_UI_PORT: 5000 + FTS_UI_WSKEY: 'YourWebsocketKey' + FTS_API_KEY: 'Bearer token' + FTS_UI_SQLALCHEMY_DATABASE_URI: 'sqlite:////home/freetak/data/FTSServer-UI.db' +volumes: + free-tak-core-db: + free-tak-ui-db: networks: taknet: From ae476041325b42fe82f2d335d6c9e9ecfd95b3fe Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 13:40:08 -0500 Subject: [PATCH 50/80] make clean up less aggresive --- docs/ubuntu-test-container.md | 101 +++++++++++++++++++++++++++++++++ roles/common/tasks/cleanup.yml | 6 +- scripts/easy_install.sh | 14 ++++- 3 files changed, 116 insertions(+), 5 deletions(-) create mode 100644 docs/ubuntu-test-container.md diff --git a/docs/ubuntu-test-container.md b/docs/ubuntu-test-container.md new file mode 100644 index 0000000..1839f29 --- /dev/null +++ b/docs/ubuntu-test-container.md @@ -0,0 +1,101 @@ +# Testing FTS Zero Touch Installer on Ubuntu + +Obviously, the ZTI can be tested in a clean native Ubuntu environment. +However, setting up such an environment can consume time. +So, while in a production environment, running FTS on dedicated hardware is the correct choice, +in a test environment it is more appropriate to use a container. + +## Setting up the container + +The test container can be constructed with any number of technologies. + +[Distrobox](https://wiki.archlinux.org/title/Distrobox) +[Ptyrix](https://flathub.org/apps/app.devsuite.Ptyxis) +[Boxbuddy](https://flathub.org/apps/io.github.dvlv.boxbuddyrs) + +We will want to specify a specific Ubuntu version we want `v22.04`. +```shell +distrobox create --image ubuntu:22.04 --name fts --yes \ + --init --additional-packages "systemd libpam-systemd pipewire-audio-client-libraries" +``` + +Enter the container +```shell +distrobox enter --name fts +``` + +## Use Zero Touch Intallation (ZTI) + +Note: The following steps may be modified to accommodate your situation. + +### The Working Repository + +The project working directory is mounted into the distrobox. +The following is an example: +```bash +cd ./Projects/fts-install +export MY_WD=$(pwd) +``` + +Your test will probably need the locally known IP address. +You may change the configured IP address later, +but it is easiest to handle it now. +It is likely you will want the host interface the example here instead uses `docker0`. +```bash +export MY_IPA=$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}') +``` + +You opened a branch for your issue. +```bash +export MY_BRANCH=issue_118 +``` + +```bash +echo "My IPA: ${MY_IPA}, WD: ${MY_WD}, ISSUE: ${MY_BRANCH}" +``` + +Install FTS using the candidate ZTI. +The `--verbose` is optional. + +#### Use a Committed Branch from a Git Repository +Notice that in the following command the `easy_install.sh` is taken from +a working tree, while the branch is from the committed repository. + +```bash +sudo bash ${MY_WD}/scripts/easy_install.sh -- --verbose --repo file://${MY_WD}/.git --branch ${MY_BRANCH:-main} --ip-addr ${MY_IPA} +``` +If you want to use Python packages from the https://test.pypi.org repository. +```bash +cat ${MY_WD}/scripts/easy_install.sh | sudo bash -s -- --verbose --repo file://${MY_WD}/.git --branch ${MY_BRANCH:-main} --ip-addr ${MY_IPA} --pypi https://test.pypi.org +``` + +### Configuration + +The official configuration instructions are +[available in the user guide](https://freetakteam.github.io/FreeTAKServer-User-Docs/Installation/Operation/). +Those instructions will not be duplicated here. + +## Running Installation Tests (smoke test) + +[Smoke testing](https://en.wikipedia.org/wiki/Smoke_testing_(software)) +is performed with the installation validation instructions. +The official installation validation instructions are +[available in the user guide](https://freetakteam.github.io/FreeTAKServer-User-Docs/Installation/Troubleshooting/InstallationCheck/). +Those instructions will not be duplicated here. + +## Resetting the `distrobox` + +### Hard Reset +The distrobox can be deleted and recreated. + +```shell +distrobox rm fts +``` + +### Soft Reset + +The soft reset creates a new distrobox from a previous box. +(You did make a snapshot, right?) +```shell +distrobox create --clone fts --name fts-test +``` \ No newline at end of file diff --git a/roles/common/tasks/cleanup.yml b/roles/common/tasks/cleanup.yml index 214e1b1..6ddff1f 100644 --- a/roles/common/tasks/cleanup.yml +++ b/roles/common/tasks/cleanup.yml @@ -1,3 +1,5 @@ --- -- name: cleanup /tmp/* - shell: sudo rm -rf /tmp/* +- name: cleanup temp files created by ansible + ansible.builtin.file: + path: /tmp/ansible* + state: absent \ No newline at end of file diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 9a1a643..0012ff5 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -149,11 +149,11 @@ function msg() { # Exit gracefully ############################################################################### function die() { + echo "DIE: $@" local msg=$1 - local code=${2-1} + local code=${2:-1} msg "$msg" - [[ $code -eq 0 ]] || echo -e "Exiting. Installation NOT successful." # default exit status 1 @@ -331,8 +331,13 @@ function parse_params() { shift ;; + --) + echo "argument delimiter" + shift + ;; + -?*) - panic "ERROR: unknown option $1" + panic "ERROR: unknown option [$1]" ;; *) @@ -587,6 +592,9 @@ function download_dependencies() { echo -e "${BLUE}Installing Git...${NOFORMAT}" apt-get -y ${APT_VERBOSITY--qq} install git + echo -e "${BLUE}Installing NodeJs...${NOFORMAT}" + apt-get -y ${APT_VERBOSITY--qq} install npm + } ############################################################################### From 42a9078cee66d4f0069550261acc471303e30c1a Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 13:46:00 -0500 Subject: [PATCH 51/80] released version of webmap --- roles/nodered/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 6bd4cae..2bc56d6 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -28,7 +28,7 @@ noderedserver_port: 1880 nodered_npm_packages: - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap@5.0.2 + - node-red-contrib-web-worldmap@5.0.1 nodered_nodes: - node-red-contrib-config - node-red-dashboard From ff5c070a818920c320f156a0a1f4d4d75a82882c Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 13:49:22 -0500 Subject: [PATCH 52/80] quiet the bash trace --- scripts/advanced_install.sh | 2 +- scripts/easy_install.backup.sh | 2 +- scripts/easy_install.sh | 2 +- scripts/init.sh | 2 +- scripts/install.sh | 2 +- scripts/setup-Ansible.sh | 2 +- scripts/setup-Dev.sh | 2 +- scripts/setup-Docker.sh | 2 +- scripts/setup-Keys.sh | 2 +- scripts/setup-Molecule.sh | 2 +- scripts/setup-Terraform.sh | 2 +- scripts/setup-Virtual-Env.sh | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/scripts/advanced_install.sh b/scripts/advanced_install.sh index 773251f..25ee9d8 100755 --- a/scripts/advanced_install.sh +++ b/scripts/advanced_install.sh @@ -91,7 +91,7 @@ function parse_params() { ;; --verbose | -v) - set -x + # set -x NO_COLOR=1 GIT_TRACE=true diff --git a/scripts/easy_install.backup.sh b/scripts/easy_install.backup.sh index 441ec7b..e179132 100644 --- a/scripts/easy_install.backup.sh +++ b/scripts/easy_install.backup.sh @@ -259,7 +259,7 @@ parse_args() { shift ;; --verbose | -v) - set -x + # set -x shift ;; *) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 0012ff5..c3778f1 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -199,7 +199,7 @@ function parse_params() { --verbose | -v) echo "Verbose output" - set -x + # set -x NO_COLOR=1 GIT_TRACE=true diff --git a/scripts/init.sh b/scripts/init.sh index 3fd0d29..fcf9a9a 100755 --- a/scripts/init.sh +++ b/scripts/init.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Initializing..." diff --git a/scripts/install.sh b/scripts/install.sh index 5ed107d..109eee1 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x ansible-playbook -u root -i localhost, --connection=local ./install_all.yml diff --git a/scripts/setup-Ansible.sh b/scripts/setup-Ansible.sh index d42776e..e33f3f1 100755 --- a/scripts/setup-Ansible.sh +++ b/scripts/setup-Ansible.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Installing Ansible..." sudo apt-get update diff --git a/scripts/setup-Dev.sh b/scripts/setup-Dev.sh index e2eee57..f310440 100755 --- a/scripts/setup-Dev.sh +++ b/scripts/setup-Dev.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Installing development packages" sudo apt-get update diff --git a/scripts/setup-Docker.sh b/scripts/setup-Docker.sh index eac0061..3093aff 100755 --- a/scripts/setup-Docker.sh +++ b/scripts/setup-Docker.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Installing Docker.." sudo apt-get update diff --git a/scripts/setup-Keys.sh b/scripts/setup-Keys.sh index 90911ca..4568ad0 100755 --- a/scripts/setup-Keys.sh +++ b/scripts/setup-Keys.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x # create a key for the user if it doesn't exist if [[ ! -e /home/${USER}/.ssh/id_rsa.pub ]]; then diff --git a/scripts/setup-Molecule.sh b/scripts/setup-Molecule.sh index bc1247b..bb3384f 100755 --- a/scripts/setup-Molecule.sh +++ b/scripts/setup-Molecule.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Install Molecule" sudo apt-get update diff --git a/scripts/setup-Terraform.sh b/scripts/setup-Terraform.sh index c510a45..863aa1d 100755 --- a/scripts/setup-Terraform.sh +++ b/scripts/setup-Terraform.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Installing Terraform..." sudo apt-get update diff --git a/scripts/setup-Virtual-Env.sh b/scripts/setup-Virtual-Env.sh index f133a2f..5edca7b 100755 --- a/scripts/setup-Virtual-Env.sh +++ b/scripts/setup-Virtual-Env.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -x +# set -x echo "Installing Virtual Environment" sudo apt-get update From 4e792e982f6ff18d278c813351b7cf48e57cad0b Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 15:28:15 -0500 Subject: [PATCH 53/80] update testing instructions --- docs/ubuntu-test-container.md | 4 ++-- docs/{ubuntu_vm_test.md => ubuntu-test-multipass.md} | 0 docs/{ubuntu_rasppi_test.md => ubuntu-test-rasppi.md} | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename docs/{ubuntu_vm_test.md => ubuntu-test-multipass.md} (100%) rename docs/{ubuntu_rasppi_test.md => ubuntu-test-rasppi.md} (100%) diff --git a/docs/ubuntu-test-container.md b/docs/ubuntu-test-container.md index 1839f29..1bd2655 100644 --- a/docs/ubuntu-test-container.md +++ b/docs/ubuntu-test-container.md @@ -15,13 +15,13 @@ The test container can be constructed with any number of technologies. We will want to specify a specific Ubuntu version we want `v22.04`. ```shell -distrobox create --image ubuntu:22.04 --name fts --yes \ +distrobox create --image ubuntu:22.04 --name fts-test-install --yes \ --init --additional-packages "systemd libpam-systemd pipewire-audio-client-libraries" ``` Enter the container ```shell -distrobox enter --name fts +distrobox enter --name fts-test-install ``` ## Use Zero Touch Intallation (ZTI) diff --git a/docs/ubuntu_vm_test.md b/docs/ubuntu-test-multipass.md similarity index 100% rename from docs/ubuntu_vm_test.md rename to docs/ubuntu-test-multipass.md diff --git a/docs/ubuntu_rasppi_test.md b/docs/ubuntu-test-rasppi.md similarity index 100% rename from docs/ubuntu_rasppi_test.md rename to docs/ubuntu-test-rasppi.md From 77a941eaa1700a9598ad723f9582c599553a67be Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 15:44:55 -0500 Subject: [PATCH 54/80] use pyvenv rather than installing the virtualenv package --- docs/ubuntu-test-container.md | 12 ++++++++++-- docs/ubuntu-test-rasppi.md | 13 ++++++++++--- roles/freetakserver/tasks/setup-Ubuntu.yml | 3 ++- roles/freetakserver/tasks/uninstall-Ubuntu.yml | 3 ++- roles/freetakserver_ui/tasks/setup-Ubuntu.yml | 6 ++++-- roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml | 3 ++- roles/python3/tasks/setup-Ubuntu.yml | 3 ++- 7 files changed, 32 insertions(+), 11 deletions(-) diff --git a/docs/ubuntu-test-container.md b/docs/ubuntu-test-container.md index 1bd2655..c0efb45 100644 --- a/docs/ubuntu-test-container.md +++ b/docs/ubuntu-test-container.md @@ -62,11 +62,19 @@ Notice that in the following command the `easy_install.sh` is taken from a working tree, while the branch is from the committed repository. ```bash -sudo bash ${MY_WD}/scripts/easy_install.sh -- --verbose --repo file://${MY_WD}/.git --branch ${MY_BRANCH:-main} --ip-addr ${MY_IPA} +sudo bash ${MY_WD}/scripts/easy_install.sh -- \ + --verbose --repo file://${MY_WD}/.git \ + --branch ${MY_BRANCH:-main} \ + --ip-addr ${MY_IPA} ``` If you want to use Python packages from the https://test.pypi.org repository. ```bash -cat ${MY_WD}/scripts/easy_install.sh | sudo bash -s -- --verbose --repo file://${MY_WD}/.git --branch ${MY_BRANCH:-main} --ip-addr ${MY_IPA} --pypi https://test.pypi.org +cat ${MY_WD}/scripts/easy_install.sh | \ + sudo bash -s -- --verbose \ + --repo file://${MY_WD}/.git \ + --branch ${MY_BRANCH:-main} \ + --ip-addr ${MY_IPA} \ + --pypi https://test.pypi.org ``` ### Configuration diff --git a/docs/ubuntu-test-rasppi.md b/docs/ubuntu-test-rasppi.md index e65c7f7..c80227e 100644 --- a/docs/ubuntu-test-rasppi.md +++ b/docs/ubuntu-test-rasppi.md @@ -30,12 +30,19 @@ to get the `easy_install.sh` from the same repository and branch as the ZTI. The official GitHub is `FreeTAKTeam`, if you are working in a fork you will need to use that. ```bash -export MY_IP=$(ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}') -export MY_GITHUB=FreeTAKTeam +export MY_IPA=$(ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}') +export MY_GITHUB=babeloff +export MY_BRANCH=issue_120 +echo "github: ${MY_GITHUB}, branch: ${MY_BRANCH}, addr: ${MY_IPA}" ```` ```bash -wget -qO - https://raw.githubusercontent.com/${MY_GITHUB}/FreeTAKHub-Installation/main/scripts/easy_install.sh | sudo bash -s -- --verbose --repo https://github.com/${MY_GITHUB}/FreeTAKHub-Installation.git --branch main --ip-addr ${MY_IP} +wget -qO - https://raw.githubusercontent.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation/main/scripts/easy_install.sh | \ + sudo bash -s -- \ + --verbose \ + --repo https://github.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation.git \ + --branch ${MY_BRANCH:-main} \ + --ip-addr ${MY_IPA} ``` diff --git a/roles/freetakserver/tasks/setup-Ubuntu.yml b/roles/freetakserver/tasks/setup-Ubuntu.yml index c1a0283..2e5b7a8 100644 --- a/roles/freetakserver/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver/tasks/setup-Ubuntu.yml @@ -17,6 +17,7 @@ # - "pip install /FreeTakServer" - name: "Install {{ fts_pip_package_name }}" - pip: + ansible.builtin.pip: name: "{{ fts_pip_package_name }}=={{ fts_version }}" virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv diff --git a/roles/freetakserver/tasks/uninstall-Ubuntu.yml b/roles/freetakserver/tasks/uninstall-Ubuntu.yml index 49403ab..f1041b7 100644 --- a/roles/freetakserver/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver/tasks/uninstall-Ubuntu.yml @@ -11,10 +11,11 @@ state: absent - name: Uninstall - pip: + ansible.builtin.pip: name: "{{ fts_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv - name: Remove files file: diff --git a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml index 79158cb..ddbab20 100644 --- a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml @@ -10,11 +10,13 @@ name: "{{ fts_ui_apt_packages }}" - name: "Install pip packages" - pip: + ansible.builtin.pip: name: "{{ fts_ui_pip_packages }}" virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv - name: "Install {{ fts_ui_pip_package_name }}" - pip: + ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv diff --git a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml index 7e14199..eef1b3c 100644 --- a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml @@ -11,7 +11,8 @@ state: absent - name: Uninstall - pip: + ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv diff --git a/roles/python3/tasks/setup-Ubuntu.yml b/roles/python3/tasks/setup-Ubuntu.yml index 1c3dcf3..aeb5dbb 100644 --- a/roles/python3/tasks/setup-Ubuntu.yml +++ b/roles/python3/tasks/setup-Ubuntu.yml @@ -7,7 +7,8 @@ name: "{{ python3_apt_packages }}" - name: "Install pip packages" - pip: + ansible.builtin.pip: name: "{{ pip3_packages }}" virtualenv: "{{ fts_venv }}" + virtualenv_command: pyvenv # extra_args: --force-reinstall From bbb2f9e688b9a69e4fb9024323d463739bdbb20b Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 15:57:59 -0500 Subject: [PATCH 55/80] virtualevn install --- .devcontainer/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index be33501..ea56e0f 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,4 +1,4 @@ FROM mcr.microsoft.com/devcontainers/base:ubuntu-22.04 RUN apt-get update \ && apt-get install -y python3 python3-pip \ - && pip3 install --upgrade pip + && pip3 install --upgrade pip virtualenv From 7dc7c839d6b3f46dc6cd7a3533d46a61abca6458 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 15:58:11 -0500 Subject: [PATCH 56/80] install virtualenv via pip --- roles/freetakserver/tasks/setup-Ubuntu.yml | 2 +- roles/freetakserver/tasks/uninstall-Ubuntu.yml | 2 +- roles/freetakserver_ui/tasks/setup-Ubuntu.yml | 4 ++-- roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml | 2 +- roles/python3/tasks/setup-Ubuntu.yml | 2 +- scripts/easy_install.sh | 1 + 6 files changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/freetakserver/tasks/setup-Ubuntu.yml b/roles/freetakserver/tasks/setup-Ubuntu.yml index 2e5b7a8..5a4322e 100644 --- a/roles/freetakserver/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver/tasks/setup-Ubuntu.yml @@ -20,4 +20,4 @@ ansible.builtin.pip: name: "{{ fts_pip_package_name }}=={{ fts_version }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv diff --git a/roles/freetakserver/tasks/uninstall-Ubuntu.yml b/roles/freetakserver/tasks/uninstall-Ubuntu.yml index f1041b7..4d3f39f 100644 --- a/roles/freetakserver/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver/tasks/uninstall-Ubuntu.yml @@ -15,7 +15,7 @@ name: "{{ fts_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv - name: Remove files file: diff --git a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml index ddbab20..c6009cd 100644 --- a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml @@ -13,10 +13,10 @@ ansible.builtin.pip: name: "{{ fts_ui_pip_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv - name: "Install {{ fts_ui_pip_package_name }}" ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv diff --git a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml index eef1b3c..932e99f 100644 --- a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml @@ -15,4 +15,4 @@ name: "{{ fts_ui_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv diff --git a/roles/python3/tasks/setup-Ubuntu.yml b/roles/python3/tasks/setup-Ubuntu.yml index aeb5dbb..c17ee4f 100644 --- a/roles/python3/tasks/setup-Ubuntu.yml +++ b/roles/python3/tasks/setup-Ubuntu.yml @@ -10,5 +10,5 @@ ansible.builtin.pip: name: "{{ pip3_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: pyvenv + virtualenv_command: virtualenv # extra_args: --force-reinstall diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index c3778f1..4698320 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -615,6 +615,7 @@ function install_python_environment() { python3 -m pip install --force-reinstall jinja2 python3 -m pip install --force-reinstall pyyaml python3 -m pip install --force-reinstall psutil + python3 -m pip install --force-reinstall virtualenv deactivate From 3f5a1e240a2f12d77110011fb6f32b037b4a7411 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 16:11:26 -0500 Subject: [PATCH 57/80] use venv module --- roles/common/vars/Ubuntu.yml | 2 ++ roles/freetakserver/tasks/setup-Ubuntu.yml | 2 +- roles/freetakserver/tasks/uninstall-Ubuntu.yml | 2 +- roles/freetakserver_ui/tasks/setup-Ubuntu.yml | 4 ++-- roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml | 2 +- roles/python3/tasks/setup-Ubuntu.yml | 2 +- 6 files changed, 8 insertions(+), 6 deletions(-) diff --git a/roles/common/vars/Ubuntu.yml b/roles/common/vars/Ubuntu.yml index 08d1ab5..d6938bc 100644 --- a/roles/common/vars/Ubuntu.yml +++ b/roles/common/vars/Ubuntu.yml @@ -1,2 +1,4 @@ --- unit_files_location: /etc/systemd/system +python_exec: /usr/bin/python3 + diff --git a/roles/freetakserver/tasks/setup-Ubuntu.yml b/roles/freetakserver/tasks/setup-Ubuntu.yml index 5a4322e..c672593 100644 --- a/roles/freetakserver/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver/tasks/setup-Ubuntu.yml @@ -20,4 +20,4 @@ ansible.builtin.pip: name: "{{ fts_pip_package_name }}=={{ fts_version }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" diff --git a/roles/freetakserver/tasks/uninstall-Ubuntu.yml b/roles/freetakserver/tasks/uninstall-Ubuntu.yml index 4d3f39f..b86191f 100644 --- a/roles/freetakserver/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver/tasks/uninstall-Ubuntu.yml @@ -15,7 +15,7 @@ name: "{{ fts_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" - name: Remove files file: diff --git a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml index c6009cd..64518d3 100644 --- a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml @@ -13,10 +13,10 @@ ansible.builtin.pip: name: "{{ fts_ui_pip_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" - name: "Install {{ fts_ui_pip_package_name }}" ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" diff --git a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml index 932e99f..0bc7956 100644 --- a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml @@ -15,4 +15,4 @@ name: "{{ fts_ui_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" diff --git a/roles/python3/tasks/setup-Ubuntu.yml b/roles/python3/tasks/setup-Ubuntu.yml index c17ee4f..0c7f0d2 100644 --- a/roles/python3/tasks/setup-Ubuntu.yml +++ b/roles/python3/tasks/setup-Ubuntu.yml @@ -10,5 +10,5 @@ ansible.builtin.pip: name: "{{ pip3_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: virtualenv + virtualenv_command: "{{ python_exec }} -m venv" # extra_args: --force-reinstall From 6d21d8752e446c5bcf449467d277d4c80cab6463 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 16:14:59 -0500 Subject: [PATCH 58/80] must install venv with python3-venv --- scripts/easy_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 4698320..d44d8cc 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -605,7 +605,7 @@ function download_dependencies() { ############################################################################### function install_python_environment() { apt-get update - apt-get install -y python3-pip python3-setuptools + apt-get install -y python3-pip python3-setuptools python3-venv apt-get install -y python${PY3_VER}-dev python${PY3_VER}-venv libpython${PY3_VER}-dev /usr/bin/python${PY3_VER} -m venv ${FTS_VENV} From 2fc14908ad60f2a3414f9f03c0b2a34edb276478 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 16:23:21 -0500 Subject: [PATCH 59/80] python environment not installing properly --- scripts/easy_install.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index d44d8cc..bc9f073 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -605,7 +605,7 @@ function download_dependencies() { ############################################################################### function install_python_environment() { apt-get update - apt-get install -y python3-pip python3-setuptools python3-venv + apt-get install -y python3-pip python3-setuptools apt-get install -y python${PY3_VER}-dev python${PY3_VER}-venv libpython${PY3_VER}-dev /usr/bin/python${PY3_VER} -m venv ${FTS_VENV} @@ -615,7 +615,6 @@ function install_python_environment() { python3 -m pip install --force-reinstall jinja2 python3 -m pip install --force-reinstall pyyaml python3 -m pip install --force-reinstall psutil - python3 -m pip install --force-reinstall virtualenv deactivate @@ -744,7 +743,10 @@ do_checks download_dependencies install_nodejs_environment -[[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]] && install_python_environment +if [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]]; then + echo "python installation type: ${INSTALL_TYPE}" + install_python_environment +fi handle_git_repository add_passwordless_ansible_execution generate_key_pair From 6f52672d95e74d00fee430bba81ddaa50df59e63 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 16:59:13 -0500 Subject: [PATCH 60/80] move ansible into the python venv --- ansible.config | 0 roles/common/vars/Ubuntu.yml | 2 +- roles/freetakserver/tasks/setup-Ubuntu.yml | 2 +- .../freetakserver/tasks/uninstall-Ubuntu.yml | 2 +- roles/freetakserver_ui/tasks/setup-Ubuntu.yml | 4 +-- .../tasks/uninstall-Ubuntu.yml | 2 +- roles/python3/tasks/setup-Ubuntu.yml | 2 +- scripts/easy_install.sh | 35 +++++++------------ 8 files changed, 19 insertions(+), 30 deletions(-) create mode 100644 ansible.config diff --git a/ansible.config b/ansible.config new file mode 100644 index 0000000..e69de29 diff --git a/roles/common/vars/Ubuntu.yml b/roles/common/vars/Ubuntu.yml index d6938bc..04a75c6 100644 --- a/roles/common/vars/Ubuntu.yml +++ b/roles/common/vars/Ubuntu.yml @@ -1,4 +1,4 @@ --- unit_files_location: /etc/systemd/system -python_exec: /usr/bin/python3 + diff --git a/roles/freetakserver/tasks/setup-Ubuntu.yml b/roles/freetakserver/tasks/setup-Ubuntu.yml index c672593..ef4e3e7 100644 --- a/roles/freetakserver/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver/tasks/setup-Ubuntu.yml @@ -20,4 +20,4 @@ ansible.builtin.pip: name: "{{ fts_pip_package_name }}=={{ fts_version }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" diff --git a/roles/freetakserver/tasks/uninstall-Ubuntu.yml b/roles/freetakserver/tasks/uninstall-Ubuntu.yml index b86191f..bb19758 100644 --- a/roles/freetakserver/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver/tasks/uninstall-Ubuntu.yml @@ -15,7 +15,7 @@ name: "{{ fts_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" - name: Remove files file: diff --git a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml index 64518d3..161e9f0 100644 --- a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml @@ -13,10 +13,10 @@ ansible.builtin.pip: name: "{{ fts_ui_pip_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" - name: "Install {{ fts_ui_pip_package_name }}" ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" diff --git a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml index 0bc7956..3739b4d 100644 --- a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml @@ -15,4 +15,4 @@ name: "{{ fts_ui_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" diff --git a/roles/python3/tasks/setup-Ubuntu.yml b/roles/python3/tasks/setup-Ubuntu.yml index 0c7f0d2..a2dcaf0 100644 --- a/roles/python3/tasks/setup-Ubuntu.yml +++ b/roles/python3/tasks/setup-Ubuntu.yml @@ -10,5 +10,5 @@ ansible.builtin.pip: name: "{{ pip3_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ python_exec }} -m venv" + virtualenv_command: "{{ interpreter_python }} -m venv" # extra_args: --force-reinstall diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index bc9f073..6dea434 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -556,8 +556,6 @@ function download_dependencies() { echo -e "${BLUE}Downloading dependencies...${NOFORMAT}" - echo -e "${BLUE}Adding the Ansible Personal Package Archive (PPA)...${NOFORMAT}" - # dpkg --list | grep -q needrestart && NEEDRESTART=1 # [[ 0 -eq $NEEDRESTART ]] || apt-get remove --yes needrestart x=$(find /etc/apt/apt.conf.d -name "*needrestart*") @@ -580,21 +578,11 @@ function download_dependencies() { # package by default, so install it if not installed which apt-add-repository >/dev/null || apt-get --yes install software-properties-common - apt-add-repository -y ppa:ansible/ansible - echo -e "${BLUE}Downloading package information from configured sources...${NOFORMAT}" - apt-get -y ${APT_VERBOSITY--qq} update - echo -e "${BLUE}Installing Ansible...${NOFORMAT}" - apt-get -y ${APT_VERBOSITY--qq} install ansible - echo -e "${BLUE}Installing Git...${NOFORMAT}" apt-get -y ${APT_VERBOSITY--qq} install git - - echo -e "${BLUE}Installing NodeJs...${NOFORMAT}" - apt-get -y ${APT_VERBOSITY--qq} install npm - } ############################################################################### @@ -603,8 +591,11 @@ function download_dependencies() { # the installer, Ansible, and its dependencies (e.g. jinja2) and # the application being installed, FTS, and its dependencies. ############################################################################### -function install_python_environment() { - apt-get update +function activate_python_env() { + + if [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]]; then + echo "python installation type: ${INSTALL_TYPE}" + fi apt-get install -y python3-pip python3-setuptools apt-get install -y python${PY3_VER}-dev python${PY3_VER}-venv libpython${PY3_VER}-dev @@ -612,12 +603,10 @@ function install_python_environment() { source ${FTS_VENV}/bin/activate python3 -m pip install --upgrade pip + python3 -m pip install --force-reinstall ansible python3 -m pip install --force-reinstall jinja2 python3 -m pip install --force-reinstall pyyaml python3 -m pip install --force-reinstall psutil - - deactivate - } ############################################################################### @@ -626,7 +615,10 @@ function install_python_environment() { # curl -L https://bit.ly/n-install | bash # see https://github.com/dceejay/RedMap/blob/master/package.json for the dependencies. ############################################################################### -function install_nodejs_environment() { +function activate_nodejs_env() { + echo -e "${BLUE}Installing NodeJs...${NOFORMAT}" + apt-get -y ${APT_VERBOSITY--qq} install npm + sudo npm install -g n sudo n 18.20.4 } @@ -741,12 +733,9 @@ set_versions do_checks download_dependencies -install_nodejs_environment +activate_nodejs_env +activate_python_env -if [[ "$DEFAULT_INSTALL_TYPE" == "$INSTALL_TYPE" ]]; then - echo "python installation type: ${INSTALL_TYPE}" - install_python_environment -fi handle_git_repository add_passwordless_ansible_execution generate_key_pair From 66e27d8cbd76334dde22740b305ca9ecfbb68a75 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 17:06:10 -0500 Subject: [PATCH 61/80] echo command line args --- scripts/easy_install.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/scripts/easy_install.sh b/scripts/easy_install.sh index 6dea434..d9f03dd 100755 --- a/scripts/easy_install.sh +++ b/scripts/easy_install.sh @@ -209,6 +209,7 @@ function parse_params() { ANSIBLE_VERBOSITY="-vvvvv" shift + echo "Running VERBOSE" ;; --check | -c) @@ -292,11 +293,13 @@ function parse_params() { if [[ -d ~/FreeTAKHub-Installation ]] then rm -rf ~/FreeTAKHub-Installation fi + echo "Using Git Repository: ${REPO}" ;; --branch) BRANCH=$2 shift 2 + echo "Using Branch: ${BRANCH}" ;; --dev-test) @@ -316,10 +319,10 @@ function parse_params() { ;; --pypi) - # PIP_EXTRA_INDEX_URL is special. - # If after pip checks the primary index-url; - # it does not find the source, - # it will check the extra-index.url repositories. + # PIP_EXTRA_INDEX_URL is special. + # If after pip checks the primary index-url; + # it does not find the source, + # it will check the extra-index.url repositories. export PIP_EXTRA_INDEX_URL=$2 shift 2 echo "Using the extra pypi URL of ${PIP_EXTRA_INDEX_URL}" From 43ad1381f9b7f818ab261831dec9f0a2f839520a Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 17:14:36 -0500 Subject: [PATCH 62/80] the easy_install.sh needs a branch specifier --- docs/ubuntu-test-rasppi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/ubuntu-test-rasppi.md b/docs/ubuntu-test-rasppi.md index c80227e..e0ffdbb 100644 --- a/docs/ubuntu-test-rasppi.md +++ b/docs/ubuntu-test-rasppi.md @@ -37,7 +37,7 @@ echo "github: ${MY_GITHUB}, branch: ${MY_BRANCH}, addr: ${MY_IPA}" ```` ```bash -wget -qO - https://raw.githubusercontent.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation/main/scripts/easy_install.sh | \ +wget -qO - https://raw.githubusercontent.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation/${MY_BRANCH:-main}/scripts/easy_install.sh | \ sudo bash -s -- \ --verbose \ --repo https://github.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation.git \ From ba07c1d842338addb49479ca029bb68b33d78a7c Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 17:27:47 -0500 Subject: [PATCH 63/80] use the ansible python interpreter to install venv --- roles/common/vars/Ubuntu.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/common/vars/Ubuntu.yml b/roles/common/vars/Ubuntu.yml index 04a75c6..bfd46b6 100644 --- a/roles/common/vars/Ubuntu.yml +++ b/roles/common/vars/Ubuntu.yml @@ -1,4 +1,4 @@ --- unit_files_location: /etc/systemd/system - +venv_python: {{ ansible_python_interpreter }} From c506c823aede7e82c86fc52b99690492069e7600 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 17:28:47 -0500 Subject: [PATCH 64/80] use ansible python to set venv python --- roles/freetakserver/tasks/setup-Ubuntu.yml | 2 +- roles/freetakserver/tasks/uninstall-Ubuntu.yml | 2 +- roles/freetakserver_ui/tasks/setup-Ubuntu.yml | 4 ++-- roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml | 2 +- roles/python3/tasks/setup-Ubuntu.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/freetakserver/tasks/setup-Ubuntu.yml b/roles/freetakserver/tasks/setup-Ubuntu.yml index ef4e3e7..053589b 100644 --- a/roles/freetakserver/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver/tasks/setup-Ubuntu.yml @@ -20,4 +20,4 @@ ansible.builtin.pip: name: "{{ fts_pip_package_name }}=={{ fts_version }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" diff --git a/roles/freetakserver/tasks/uninstall-Ubuntu.yml b/roles/freetakserver/tasks/uninstall-Ubuntu.yml index bb19758..12f8024 100644 --- a/roles/freetakserver/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver/tasks/uninstall-Ubuntu.yml @@ -15,7 +15,7 @@ name: "{{ fts_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" - name: Remove files file: diff --git a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml index 161e9f0..63455a8 100644 --- a/roles/freetakserver_ui/tasks/setup-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/setup-Ubuntu.yml @@ -13,10 +13,10 @@ ansible.builtin.pip: name: "{{ fts_ui_pip_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" - name: "Install {{ fts_ui_pip_package_name }}" ansible.builtin.pip: name: "{{ fts_ui_pip_package_name }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" diff --git a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml index 3739b4d..453220b 100644 --- a/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml +++ b/roles/freetakserver_ui/tasks/uninstall-Ubuntu.yml @@ -15,4 +15,4 @@ name: "{{ fts_ui_pip_package_name }}" state: absent virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" diff --git a/roles/python3/tasks/setup-Ubuntu.yml b/roles/python3/tasks/setup-Ubuntu.yml index a2dcaf0..fc47ab9 100644 --- a/roles/python3/tasks/setup-Ubuntu.yml +++ b/roles/python3/tasks/setup-Ubuntu.yml @@ -10,5 +10,5 @@ ansible.builtin.pip: name: "{{ pip3_packages }}" virtualenv: "{{ fts_venv }}" - virtualenv_command: "{{ interpreter_python }} -m venv" + virtualenv_command: "{{ venv_python }} -m venv" # extra_args: --force-reinstall From 2bbb5a977c75ac72dafa7ee686009c8448ed846d Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 17:33:16 -0500 Subject: [PATCH 65/80] missed quotes on venv python variable --- roles/common/vars/Ubuntu.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/common/vars/Ubuntu.yml b/roles/common/vars/Ubuntu.yml index bfd46b6..9b38ae4 100644 --- a/roles/common/vars/Ubuntu.yml +++ b/roles/common/vars/Ubuntu.yml @@ -1,4 +1,4 @@ --- unit_files_location: /etc/systemd/system -venv_python: {{ ansible_python_interpreter }} +venv_python: "{{ ansible_python_interpreter }}" From e3f9682ce72332b7f6a4c90662d170ed916a6963 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Tue, 8 Oct 2024 18:13:28 -0500 Subject: [PATCH 66/80] not picking up correct python --- roles/common/vars/Ubuntu.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/common/vars/Ubuntu.yml b/roles/common/vars/Ubuntu.yml index 9b38ae4..84d495c 100644 --- a/roles/common/vars/Ubuntu.yml +++ b/roles/common/vars/Ubuntu.yml @@ -1,4 +1,6 @@ --- unit_files_location: /etc/systemd/system -venv_python: "{{ ansible_python_interpreter }}" +# venv_python: "{{ ansible_python_interpreter }}" + +venv_python: "python" From 87a55798fd2a7267d110c8799f6844b111658c95 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Wed, 9 Oct 2024 07:14:35 -0500 Subject: [PATCH 67/80] save ansible.cfg --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 9299170..81025c2 100644 --- a/.gitignore +++ b/.gitignore @@ -60,7 +60,7 @@ terraform.rc # ansible ansible_log.rb -ansible.cfg + /.vagrant/bundler/global.sol /.vagrant/machines/default/digital_ocean/action_provision /.vagrant/machines/default/digital_ocean/creator_uid From fd64b898f142f953d9bd84e2d725c4cb6aa57a5e Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Fri, 11 Oct 2024 15:52:07 +0000 Subject: [PATCH 68/80] removed local versions of certain flows They have long since been moved to their own repositories. --- ansible.cfg | 696 ++++++++ ansible.config | 0 roles/nodered/defaults/main.yml | 8 +- roles/nodered/tasks/configure-Ubuntu.yml | 45 +- roles/nodered/templates/global-config.json.j2 | 44 + roles/nodered/templates/old.flows.json.j2 | 1479 ----------------- roles/nodered/templates/old.salute.json.j2 | 313 ---- roles/nodered/templates/salute.json.j2 | 295 ---- roles/nodered/templates/webmap.json.j2 | 504 ------ scripts/easy_install.backup.sh | 2 +- 10 files changed, 756 insertions(+), 2630 deletions(-) create mode 100644 ansible.cfg delete mode 100644 ansible.config create mode 100644 roles/nodered/templates/global-config.json.j2 delete mode 100644 roles/nodered/templates/old.flows.json.j2 delete mode 100644 roles/nodered/templates/old.salute.json.j2 delete mode 100644 roles/nodered/templates/salute.json.j2 delete mode 100644 roles/nodered/templates/webmap.json.j2 diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..17c9350 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,696 @@ +[defaults] +# (boolean) By default, Ansible will issue a warning when received from a task action (module or action plugin). +# These warnings can be silenced by adjusting this setting to False. +action_warnings=True + +# (list) Accept a list of cowsay templates that are 'safe' to use, set to an empty list if you want to enable all installed templates. +cowsay_enabled_stencils=bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake, elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren, sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux, udder, vader-koala, vader, www + +# (string) Specify a custom cowsay path or swap in your cowsay implementation of choice. +cowpath= + +# (string) This allows you to choose a specific cowsay stencil for the banners or use 'random' to cycle through them. +cow_selection=default + +# (boolean) This option forces color mode even when running without a TTY or the "nocolor" setting is True. +force_color=False + +# (path) The default root path for Ansible config files on the controller. +home=~/.ansible + +# (boolean) This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. +nocolor=False + +# (boolean) If you have cowsay installed but want to avoid the 'cows' (why????), use this. +nocows=False + +# (boolean) Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. +any_errors_fatal=False + +# (path) The password file to use for the become plugin. ``--become-password-file``. +# If executable, it will be run and the resulting stdout will be used as the password. +become_password_file= + +# (pathspec) Colon-separated paths in which Ansible will search for Become Plugins. +become_plugins=/var/home/phreed/.ansible/plugins/become:/usr/share/ansible/plugins/become + +# (string) Chooses which cache plugin to use, the default 'memory' is ephemeral. +fact_caching=memory + +# (string) Defines connection or path information for the cache plugin. +fact_caching_connection= + +# (string) Prefix to use for cache plugin files/tables. +fact_caching_prefix=ansible_facts + +# (integer) Expiration timeout for the cache plugin data. +fact_caching_timeout=86400 + +# (list) List of enabled callbacks, not all callbacks need enabling, but many of those shipped with Ansible do as we don't want them activated by default. +callbacks_enabled= + +# (string) When a collection is loaded that does not support the running Ansible version (with the collection metadata key `requires_ansible`). +collections_on_ansible_version_mismatch=warning + +# (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``. + +collections_path=/var/home/phreed/.ansible/collections:/usr/share/ansible/collections + +# (boolean) A boolean to enable or disable scanning the sys.path for installed collections. +collections_scan_sys_path=True + +# (path) The password file to use for the connection plugin. ``--connection-password-file``. +connection_password_file= + +# (pathspec) Colon-separated paths in which Ansible will search for Action Plugins. +action_plugins=/var/home/phreed/.ansible/plugins/action:/usr/share/ansible/plugins/action + +# (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. +# By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late. +allow_unsafe_lookups=False + +# (boolean) This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not need to change this setting. +ask_pass=False + +# (boolean) This controls whether an Ansible playbook should prompt for a vault password. +ask_vault_pass=False + +# (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins. +cache_plugins=/var/home/phreed/.ansible/plugins/cache:/usr/share/ansible/plugins/cache + +# (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins. +callback_plugins=/var/home/phreed/.ansible/plugins/callback:/usr/share/ansible/plugins/callback + +# (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins. +cliconf_plugins=/var/home/phreed/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf + +# (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins. +connection_plugins=/var/home/phreed/.ansible/plugins/connection:/usr/share/ansible/plugins/connection + +# (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production. +debug=False + +# (string) This indicates the command to use to spawn a shell under, which is required for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases, it may be left as is. +executable=/bin/sh + +# (string) This option allows you to globally configure a custom path for 'local_facts' for the implied :ref:`ansible_collections.ansible.builtin.setup_module` task when using fact gathering. +# If not set, it will fall back to the default from the ``ansible.builtin.setup`` module: ``/etc/ansible/facts.d``. +# This does **not** affect user defined tasks that use the ``ansible.builtin.setup`` module. +# The real action being created by the implicit task is currently ``ansible.legacy.gather_facts`` module, which then calls the configured fact modules, by default this will be ``ansible.builtin.setup`` for POSIX systems but other platforms might have different defaults. +fact_path= + +# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins. +filter_plugins=/var/home/phreed/.ansible/plugins/filter:/usr/share/ansible/plugins/filter + +# (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host. +# When false, the handlers will not run if a failure has occurred on a host. +# This can also be set per play or on the command line. See Handlers and Failure for more details. +force_handlers=False + +# (integer) Maximum number of forks Ansible will use to execute tasks on target hosts. +forks=5 + +# (string) This setting controls the default policy of fact gathering (facts discovered about remote systems). +# This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. +gathering=implicit + +# (list) Set the `gather_subset` option for the :ref:`ansible_collections.ansible.builtin.setup_module` task in the implicit fact gathering. See the module documentation for specifics. +# It does **not** apply to user defined ``ansible.builtin.setup`` tasks. +gather_subset= + +# (integer) Set the timeout in seconds for the implicit fact gathering, see the module documentation for specifics. +# It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` tasks. +gather_timeout= + +# (string) This setting controls how duplicate definitions of dictionary variables (aka hash, map, associative array) are handled in Ansible. +# This does not affect variables whose values are scalars (integers, strings) or arrays. +# **WARNING**, changing this setting is not recommended as this is fragile and makes your content (plays, roles, collections) nonportable, leading to continual confusion and misuse. Don't change this setting unless you think you have an absolute need for it. +# We recommend avoiding reusing variable names and relying on the ``combine`` filter and ``vars`` and ``varnames`` lookups to create merged versions of the individual variables. In our experience, this is rarely needed and is a sign that too much complexity has been introduced into the data structures and plays. +# For some uses you can also look into custom vars_plugins to merge on input, even substituting the default ``host_group_vars`` that is in charge of parsing the ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are only interested in inventory scope, but the setting itself affects all sources and makes debugging even harder. +# All playbooks and roles in the official examples repos assume the default for this setting. +# Changing the setting to ``merge`` applies across variable sources, but many sources will internally still overwrite the variables. For example ``include_vars`` will dedupe variables internally before updating Ansible, with 'last defined' overwriting previous definitions in same file. +# The Ansible project recommends you **avoid ``merge`` for new projects.** +# It is the intention of the Ansible developers to eventually deprecate and remove this setting, but it is being kept as some users do heavily rely on it. New projects should **avoid 'merge'**. +hash_behaviour=replace + +# (pathlist) Comma-separated list of Ansible inventory sources +inventory=/etc/ansible/hosts + +# (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins. +httpapi_plugins=/var/home/phreed/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi + +# (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern. +# The default corresponds to the value hardcoded in Ansible <= 2.1 +internal_poll_interval=0.001 + +# (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins. +inventory_plugins=/var/home/phreed/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory + +# (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions. +# See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) +jinja2_extensions=[] + +# (boolean) This option preserves variable types during template operations. +jinja2_native=False + +# (boolean) Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. +# If this option is enabled it will disable ``ANSIBLE_PIPELINING``. +keep_remote_files=False + +# (boolean) Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. +bin_ansible_callbacks=False + +# (tmppath) Temporary directory for Ansible to use on the controller. +local_tmp=/var/home/phreed/.ansible/tmp + +# (list) List of logger names to filter out of the log file. +log_filter= + +# (path) File to which Ansible will log on the controller. When empty logging is disabled. +log_path= + +# (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins. +lookup_plugins=/var/home/phreed/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup + +# (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules. +ansible_managed=Ansible managed + +# (string) This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. +module_args= + +# (string) Compression scheme to use when transferring Python modules to the target. +module_compression=ZIP_DEFLATED + +# (string) Module to use with the ``ansible`` AdHoc command, if none is specified via ``-m``. +module_name=command + +# (pathspec) Colon-separated paths in which Ansible will search for Modules. +library=/var/home/phreed/.ansible/plugins/modules:/usr/share/ansible/plugins/modules + +# (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules. +module_utils=/var/home/phreed/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils + +# (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins. +netconf_plugins=/var/home/phreed/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf + +# (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. +no_log=False + +# (boolean) Toggle Ansible logging to syslog on the target when it executes tasks. On Windows hosts, this will disable a newer style PowerShell modules from writing to the event log. +no_target_syslog=False + +# (raw) What templating should return as a 'null' value. When not set it will let Jinja2 decide. +null_representation= + +# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. +poll_interval=15 + +# (path) Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying ``--private-key`` with every invocation. +private_key_file= + +# (boolean) By default, imported roles publish their variables to the play and other roles, this setting can avoid that. +# This was introduced as a way to reset role variables to default values if a role is used more than once in a playbook. +# Starting in version '2.17' M(ansible.builtin.include_roles) and M(ansible.builtin.import_roles) can individually override this via the C(public) parameter. +# Included roles only make their variables public at execution, unlike imported roles which happen at playbook compile time. +private_role_vars=False + +# (integer) Port to use in remote connections, when blank it will use the connection plugin default. +remote_port= + +# (string) Sets the login user for the target machines +# When blank it uses the connection plugin's default, normally the user currently executing Ansible. +remote_user= + +# (pathspec) Colon-separated paths in which Ansible will search for Roles. +roles_path=/var/home/phreed/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles + +# (string) Set the main callback used to display Ansible output. You can only have one at a time. +# You can have many other callbacks, but just one can be in charge of stdout. +# See :ref:`callback_plugins` for a list of available options. +stdout_callback=default + +# (string) Set the default strategy used for plays. +strategy=linear + +# (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins. +strategy_plugins=/var/home/phreed/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy + +# (boolean) Toggle the use of "su" for tasks. +su=False + +# (string) Syslog facility to use when Ansible logs to the remote target. +syslog_facility=LOG_USER + +# (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins. +terminal_plugins=/var/home/phreed/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal + +# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins. +test_plugins=/var/home/phreed/.ansible/plugins/test:/usr/share/ansible/plugins/test + +# (integer) This is the default timeout for connection plugins to use. +timeout=10 + +# (string) Can be any connection plugin available to your ansible installation. +# There is also a (DEPRECATED) special 'smart' option, that will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions. +transport=ssh + +# (boolean) When True, this causes ansible templating to fail steps that reference variable names that are likely typoed. +# Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. +error_on_undefined_vars=True + +# (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins. +vars_plugins=/var/home/phreed/.ansible/plugins/vars:/usr/share/ansible/plugins/vars + +# (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value. +vault_encrypt_identity= + +# (string) The label to use for the default vault id label in cases where a vault id label is not provided. +vault_identity=default + +# (list) A list of vault-ids to use by default. Equivalent to multiple ``--vault-id`` args. Vault-ids are tried in order. +vault_identity_list= + +# (string) If true, decrypting vaults with a vault id will only try the password from the matching vault-id. +vault_id_match=False + +# (path) The vault password file to use. Equivalent to ``--vault-password-file`` or ``--vault-id``. +# If executable, it will be run and the resulting stdout will be used as the password. +vault_password_file= + +# (integer) Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. +verbosity=0 + +# (boolean) Toggle to control the showing of deprecation warnings +deprecation_warnings=True + +# (boolean) Toggle to control showing warnings related to running devel. +devel_warning=True + +# (boolean) Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header. +# This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed. +# If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks that have sensitive values :ref:`keep_secret_data` for more information. +display_args_to_stdout=False + +# (boolean) Toggle to control displaying skipped task/host entries in a task in the default callback. +display_skipped_hosts=True + +# (string) Root docsite URL used to generate docs URLs in warning/error text; must be an absolute URL with a valid scheme and trailing slash. +docsite_root_url=https://docs.ansible.com/ansible-core/ + +# (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins. +doc_fragment_plugins=/var/home/phreed/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments + +# (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML. +# These warnings can be silenced by adjusting this setting to False. +duplicate_dict_key=warn + +# (boolean) Whether or not to enable the task debugger, this previously was done as a strategy plugin. +# Now all strategy plugins can inherit this behavior. The debugger defaults to activating when +# a task is failed on unreachable. Use the debugger keyword for more flexibility. +enable_task_debugger=False + +# (boolean) Toggle to allow missing handlers to become a warning instead of an error when notifying. +error_on_missing_handler=True + +# (list) Which modules to run during a play's fact gathering stage, using the default of 'smart' will try to figure it out based on connection type. +# If adding your own modules but you still want to use the default Ansible facts, you will want to include 'setup' or corresponding network module to the list (if you add 'smart', Ansible will also figure it out). +# This does not affect explicit calls to the 'setup' module, but does always affect the 'gather_facts' action (implicit or explicit). +facts_modules=smart + +# (boolean) Set this to "False" if you want to avoid host key checking by the underlying connection plugin Ansible uses to connect to the host. +# Please read the documentation of the specific connection plugin used for details. +host_key_checking=True + +# (boolean) Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace. +# Unlike inside the `ansible_facts` dictionary where the prefix `ansible_` is removed from fact names, these will have the exact names that are returned by the module. +inject_facts_as_vars=True + +# (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backward-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present. +interpreter_python=auto + +# (boolean) If 'false', invalid attributes for a task will result in warnings instead of errors. +invalid_task_attribute_failed=True + +# (boolean) By default, Ansible will issue a warning when there are no hosts in the inventory. +# These warnings can be silenced by adjusting this setting to False. +localhost_warning=True + +# (int) This will set log verbosity if higher than the normal display verbosity, otherwise it will match that. +log_verbosity= + +# (int) Maximum size of files to be considered for diff display. +max_diff_size=104448 + +# (list) List of extensions to ignore when looking for modules to load. +# This is for rejecting script and binary module fallback extensions. +module_ignore_exts=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .yaml, .yml, .ini + +# (bool) Enables whether module responses are evaluated for containing non-UTF-8 data. +# Disabling this may result in unexpected behavior. +# Only ansible-core should evaluate this configuration. +module_strict_utf8_response=True + +# (list) TODO: write it +network_group_modules=eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10, dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf, exos, voss, slxos + +# (boolean) Previously Ansible would only clear some of the plugin loading caches when loading new roles, this led to some behaviors in which a plugin loaded in previous plays would be unexpectedly 'sticky'. This setting allows the user to return to that behavior. +old_plugin_cache_clear=False + +# (path) A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the default value for it. +playbook_dir= + +# (string) This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_vars. +playbook_vars_root=top + +# (path) A path to configuration for filtering which plugins installed on the system are allowed to be used. +# See :ref:`plugin_filtering_config` for details of the filter file's format. +# The default is /etc/ansible/plugin_filters.yml +plugin_filters_cfg= + +# (string) Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284). The value will be limited by the existing hard limit. Default value of 0 does not attempt to adjust existing system-defined limits. +python_module_rlimit_nofile=0 + +# (bool) This controls whether a failed Ansible playbook should create a .retry file. +retry_files_enabled=False + +# (path) This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. +# This file will be overwritten after each run with the list of failed hosts from all plays. +retry_files_save_path= + +# (str) This setting can be used to optimize vars_plugin usage depending on the user's inventory size and play selection. +run_vars_plugins=demand + +# (bool) This adds the custom stats set via the set_stats plugin to the default output. +show_custom_stats=False + +# (string) Action to take when a module parameter value is converted to a string (this does not affect variables). For string parameters, values such as '1.00', "['a', 'b',]", and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted. +# Valid options are 'error', 'warn', and 'ignore'. +# Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12. +string_conversion_action=warn + +# (boolean) Allows disabling of warnings related to potential issues on the system running Ansible itself (not on the managed hosts). +# These may include warnings about third-party packages or other conditions that should be resolved if possible. +system_warnings=True + +# (string) A string to insert into target logging for tracking purposes +target_log_info= + +# (boolean) This option defines whether the task debugger will be invoked on a failed task when ignore_errors=True is specified. +# True specifies that the debugger will honor ignore_errors, and False will not honor ignore_errors. +task_debugger_ignore_errors=True + +# (integer) Set the maximum time (in seconds) that a task can run for. +# If set to 0 (the default) there is no timeout. +task_timeout=0 + +# (string) Make ansible transform invalid characters in group names supplied by inventory sources. +force_valid_group_names=never + +# (boolean) Toggles the use of persistence for connections. +use_persistent_connections=False + +# (bool) A toggle to disable validating a collection's 'metadata' entry for a module_defaults action group. Metadata containing unexpected fields or value types will produce a warning when this is True. +validate_action_group_metadata=True + +# (list) Accept list for variable plugins that require it. +vars_plugins_enabled=host_group_vars + +# (list) Allows to change the group variable precedence merge order. +precedence=all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play, groups_plugins_inventory, groups_plugins_play + +# (string) The salt to use for the vault encryption. If it is not provided, a random salt will be used. +vault_encrypt_salt= + +# (bool) Force 'verbose' option to use stderr instead of stdout +verbose_to_stderr=False + +# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how long, in seconds, to wait for the task spawned by Ansible to connect back to the named pipe used on Windows systems. The default is 5 seconds. This can be too low on slower systems, or systems under heavy load. +# This is not the total time an async command can run for, but is a separate timeout to wait for an async command to start. The task will only start to be timed against its async_timeout once it has connected to the pipe, so the overall maximum duration the task can take will be extended by the amount specified here. +win_async_startup_timeout=5 + +# (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. +# This affects vars_files, include_vars, inventory and vars plugins among others. +yaml_valid_extensions=.yml, .yaml, .json + + +[privilege_escalation] +# (boolean) Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method. +agnostic_become_prompt=True + +# (boolean) When ``False``(default), Ansible will skip using become if the remote user is the same as the become user, as this is normally a redundant operation. In other words root sudo to root. +# If ``True``, this forces Ansible to use the become plugin anyways as there are cases in which this is needed. +become_allow_same_user=False + +# (boolean) Toggles the use of privilege escalation, allowing you to 'become' another user after login. +become=False + +# (boolean) Toggle to prompt for privilege escalation password. +become_ask_pass=False + +# (string) executable to use for privilege escalation, otherwise Ansible will depend on PATH. +become_exe= + +# (string) Flags to pass to the privilege escalation executable. +become_flags= + +# (string) Privilege escalation method to use when `become` is enabled. +become_method=sudo + +# (string) The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. +become_user=root + + +[persistent_connection] +# (path) Specify where to look for the ansible-connection script. This location will be checked before searching $PATH. +# If null, ansible will start with the same directory as the ansible script. +ansible_connection_path= + +# (int) This controls the amount of time to wait for a response from a remote device before timing out a persistent connection. +command_timeout=30 + +# (integer) This controls the retry timeout for persistent connection to connect to the local domain socket. +connect_retry_timeout=15 + +# (integer) This controls how long the persistent connection will remain idle before it is destroyed. +connect_timeout=30 + +# (path) Path to the socket to be used by the connection persistence system. +control_path_dir=/var/home/phreed/.ansible/pc + + +[connection] +# (boolean) This is a global option, each connection plugin can override either by having more specific options or not supporting pipelining at all. +# Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer. +# It can result in a very significant performance improvement when enabled. +# However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. +# This setting will be disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled. +pipelining=False + + +[colors] +# (string) Defines the color to use on 'Changed' task status. +changed=yellow + +# (string) Defines the default color to use for ansible-console. +console_prompt=white + +# (string) Defines the color to use when emitting debug messages. +debug=dark gray + +# (string) Defines the color to use when emitting deprecation messages. +deprecate=purple + +# (string) Defines the color to use when showing added lines in diffs. +diff_add=green + +# (string) Defines the color to use when showing diffs. +diff_lines=cyan + +# (string) Defines the color to use when showing removed lines in diffs. +diff_remove=red + +# (string) Defines the color to use when emitting error messages. +error=red + +# (string) Defines the color to use for highlighting. +highlight=white + +# (string) Defines the color to use when showing 'OK' task status. +ok=green + +# (string) Defines the color to use when showing 'Skipped' task status. +skip=cyan + +# (string) Defines the color to use on 'Unreachable' status. +unreachable=bright red + +# (string) Defines the color to use when emitting verbose messages. In other words, those that show with '-v's. +verbose=blue + +# (string) Defines the color to use when emitting warning messages. +warn=bright purple + + +[selinux] +# (boolean) This setting causes libvirt to connect to LXC containers by passing ``--noseclabel`` parameter to ``virsh`` command. This is necessary when running on systems which do not have SELinux. +libvirt_lxc_noseclabel=False + +# (list) Some filesystems do not support safe operations and/or return inconsistent errors, this setting makes Ansible 'tolerate' those in the list without causing fatal errors. +# Data corruption may occur and writes are not always verified when a filesystem is in the list. +special_context_filesystems=fuse, nfs, vboxsf, ramfs, 9p, vfat + + +[diff] +# (bool) Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. +always=False + +# (integer) Number of lines of context to show when displaying the differences between files. +context=3 + + +[galaxy] +# (path) The directory that stores cached responses from a Galaxy server. +# This is only used by the ``ansible-galaxy collection install`` and ``download`` commands. +# Cache files inside this dir will be ignored if they are world writable. +cache_dir=/var/home/phreed/.ansible/galaxy_cache + +# (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`. +collections_path_warning=True + +# (path) Collection skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy collection``, same as ``--collection-skeleton``. +collection_skeleton= + +# (list) patterns of files to ignore inside a Galaxy collection skeleton directory. +collection_skeleton_ignore=^.git$, ^.*/.git_keep$ + +# (bool) Disable GPG signature verification during collection installation. +disable_gpg_verify=False + +# (bool) Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues on certain displays or when outputting the stdout to a file. +# This config option controls whether the display wheel is shown or not. +# The default is to show the display wheel if stdout has a tty. +display_progress= + +# (path) Configure the keyring used for GPG signature verification during collection installation and verification. +gpg_keyring= + +# (boolean) If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. +ignore_certs= + +# (list) A list of GPG status codes to ignore during GPG signature verification. See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. +# If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, signature verification will fail even if all error codes are ignored. +ignore_signature_status_codes= + +# (str) The number of signatures that must be successful during GPG signature verification while installing or verifying collections. +# This should be a positive integer or all to indicate all signatures must successfully validate the collection. +# Prepend + to the value to fail if no valid signatures are found for the collection. +required_valid_signature_count=1 + +# (path) Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``/``ansible-galaxy role``, same as ``--role-skeleton``. +role_skeleton= + +# (list) patterns of files to ignore inside a Galaxy role or collection skeleton directory. +role_skeleton_ignore=^.git$, ^.*/.git_keep$ + +# (string) URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. +server=https://galaxy.ansible.com + +# (list) A list of Galaxy servers to use when installing a collection. +# The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which defines the server details. +# See :ref:`galaxy_server_config` for more details on how to define a Galaxy server. +# The order of servers in this list is used as the order in which a collection is resolved. +# Setting this config option will ignore the :ref:`galaxy_server` config option. +server_list= + +# (int) The default timeout for Galaxy API calls. Galaxy servers that don't configure a specific timeout will fall back to this value. +server_timeout=60 + +# (path) Local path to galaxy access token file +token_path=/var/home/phreed/.ansible/galaxy_token + + +[inventory] +# (string) This setting changes the behaviour of mismatched host patterns, it allows you to force a fatal error, a warning or just ignore it. +host_pattern_mismatch=warning + +# (boolean) If 'true', it is a fatal error when any given inventory source cannot be successfully parsed by any available inventory plugin; otherwise, this situation only attracts a warning. + +any_unparsed_is_failed=False + +# (bool) Toggle to turn on inventory caching. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory configuration. +# This message will be removed in 2.16. +cache=False + +# (string) The plugin for caching inventory. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_plugin= + +# (string) The inventory cache connection. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_connection= + +# (string) The table prefix for the cache plugin. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_prefix=ansible_inventory_ + +# (string) Expiration timeout for the inventory cache plugin data. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_timeout=3600 + +# (list) List of enabled inventory plugins, it also determines the order in which they are used. +enable_plugins=host_list, script, auto, yaml, ini, toml + +# (bool) Controls if ansible-inventory will accurately reflect Ansible's view into inventory or its optimized for exporting. +export=False + +# (list) List of extensions to ignore when using a directory as an inventory source. +ignore_extensions=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .orig, .ini, .cfg, .retry + +# (list) List of patterns to ignore when using a directory as an inventory source. +ignore_patterns= + +# (bool) If 'true' it is a fatal error if every single potential inventory source fails to parse, otherwise, this situation will only attract a warning. + +unparsed_is_failed=False + +# (boolean) By default, Ansible will issue a warning when no inventory was loaded and notes that it will use an implicit localhost-only inventory. +# These warnings can be silenced by adjusting this setting to False. +inventory_unparsed_warning=True + + +[netconf_connection] +# (string) This variable is used to enable bastion/jump host with netconf connection. If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config file, alternatively it can be set to custom ssh configuration file path to read the bastion/jump host settings. +ssh_config= + + +[paramiko_connection] +# (boolean) TODO: write it +host_key_auto_add=False + +# (boolean) TODO: write it +look_for_keys=True + + +[jinja2] +# (list) This list of filters avoids 'type conversion' when templating variables. +# Useful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. +dont_type_filters=string, to_json, to_nice_json, to_yaml, to_nice_yaml, ppretty, json + + +[tags] +# (list) default list of tags to run in your plays, Skip Tags has precedence. +run= + +# (list) default list of tags to skip in your plays, has precedence over Run Tags +skip= + diff --git a/ansible.config b/ansible.config deleted file mode 100644 index e69de29..0000000 diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 2bc56d6..72e7f51 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -28,7 +28,9 @@ noderedserver_port: 1880 nodered_npm_packages: - node-red@v3.1.9 - node-red-admin - - node-red-contrib-web-worldmap@5.0.1 + - node-red-contrib-web-worldmap@5.0.3 + - node-red-contrib-tak-registration@0.12.1 + nodered_nodes: - node-red-contrib-config - node-red-dashboard @@ -37,7 +39,7 @@ nodered_nodes: nodered_flows: - salute.json - videochecker.json - - webmap.json + - webmap-v5.json nodered_post_flows_body: "{{ lookup('template', 'flows.json.j2') }}" @@ -45,7 +47,7 @@ nodered_post_flow_salute: "{{ lookup('template', 'salute.json.j2') }}" nodered_post_flow_videochecker: "{{ lookup('template', 'videochecker.json.j2') }}" -nodered_post_flow_webmap: "{{ lookup('template', 'webmap.json.j2') }}" +# nodered_post_flow_webmap: "{{ lookup('template', 'webmap-v5.json.j2') }}" nodered_service_name: nodered diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index cf4bb76..944c612 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -35,6 +35,12 @@ - name: Clone FreeTAKHub_VideoChecker repository tags: nodered shell: git clone https://github.com/FreeTAKTeam/FreeTAKHub_VideoChecker.git +# git: +# repo: 'https://github.com/FreeTAKTeam/FreeTAKHub_VideoChecker.git' +# dest: '{{ playbook_dir }}' +# force: true +# clone: yes +# update: yes - name: Clone FreeTAKHub_SALUTE repository tags: nodered @@ -44,14 +50,6 @@ tags: nodered shell: git clone https://github.com/FreeTAKTeam/FreeTAKHub-Webmap.git -# - name: Clone FreeTAKHub_VideoChecker repository -# tags: nodered -# git: -# repo: 'https://github.com/FreeTAKTeam/FreeTAKHub_VideoChecker.git' -# dest: '{{ playbook_dir }}' -# force: true -# clone: yes -# update: yes - name: Authenticate to NodeRed Admin API tags: nodered @@ -94,18 +92,6 @@ # body_format: json # status_code: 204 -# - name: Import Node-RED SALUTE flow via HTTP POST -# uri: -# url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" -# method: POST -# headers: -# Content-Type: application/json -# Node-RED-API-Version: v1 -# Node-RED-Deployment-Type: full -# Authorization: Bearer {{ nodered_admin_token }} -# body: "{{ nodered_post_flow_salute }}" -# body_format: json -# status_code: 200 - name: Import Node-RED FTH Config flow via HTTP POST uri: @@ -143,6 +129,7 @@ Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_Forms_SALUTE/freetakhub_salute.json') }}" +# body: "{{ nodered_post_flow_salute }}" body_format: json status_code: 200 @@ -155,22 +142,11 @@ Node-RED-API-Version: v1 Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} - body: "{{ lookup('file', playbook_dir + '/FreeTAKHub-Webmap/freetakhub_webmap.json') }}" + body: "{{ lookup('file', playbook_dir + '/FreeTAKHub-Webmap/freetakhub_webmap_v5.json') }}" +# body: "{{ nodered_post_flow_webmap }}" body_format: json status_code: 200 - -# - name: Import Node-RED Videochecker flow via HTTP POST -# uri: -# url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" -# method: POST -# headers: -# Content-Type: application/json -# Node-RED-API-Version: v1 -# Node-RED-Deployment-Type: full -# Authorization: Bearer {{ nodered_admin_token }} -# body: "{{ nodered_post_flow_webmap }}" -# body_format: json -# status_code: 200 + - name: Ensure reachable connection to Video Server tags: nodered @@ -193,5 +169,4 @@ flows: [{}] body_format: json status_code: 204 - when: nodered_wait_for_videoserver diff --git a/roles/nodered/templates/global-config.json.j2 b/roles/nodered/templates/global-config.json.j2 new file mode 100644 index 0000000..524f41a --- /dev/null +++ b/roles/nodered/templates/global-config.json.j2 @@ -0,0 +1,44 @@ +[ + { + "id": "071fff36491b5378", + "type": "global-config", + "name": "global-config", + "env": [ + { + "name": "FTH_FTS_URL", + "value": "127.0.0.1", + "type": "str" + }, + { + "name": "FTH_FTS_TCP_Port", + "value": "8087", + "type": "str" + }, + { + "name": "FTH_FTS_API_Port", + "value": "19023", + "type": "str" + }, + { + "name": "FTH_FTS_API_Auth", + "value": "token", + "type": "str" + }, + { + "name": "FTH_FTS_STREAM_Port", + "value": "8554", + "type": "str" + }, + { + "name": "FTH_FTS_VIDEO_URL", + "value": "127.0.0.1", + "type": "str" + }, + { + "name": "FTH_FTS_VIDEO_API_PORT", + "value": "9997", + "type": "str" + } + ] + } +] \ No newline at end of file diff --git a/roles/nodered/templates/old.flows.json.j2 b/roles/nodered/templates/old.flows.json.j2 deleted file mode 100644 index 53e8776..0000000 --- a/roles/nodered/templates/old.flows.json.j2 +++ /dev/null @@ -1,1479 +0,0 @@ -[ - { - "id": "9c3be5f3.90e288", - "type": "tab", - "label": "SALUTE", - "disabled": false, - "info": "", - "env": [] - }, - { - "id": "e81402f5.f8254", - "type": "tab", - "label": "FTH VideoChecker", - "disabled": false, - "info": "This flow checks the simple-RTSP video service using the API and parses the active paths.\nWhen a path is present, it creates a video endpoint to FTS.\nFTS sends the video to all the connected TAK devices.\nEndpoints with the same name will be updated." - }, - { - "id": "c3abc391.1d58", - "type": "ui_group", - "name": "SALUTE Form", - "tab": "5809210.24f5ce", - "order": 1, - "disp": true, - "width": "12", - "collapse": false - }, - { - "id": "5809210.24f5ce", - "type": "ui_tab", - "name": "FTS Forms", - "icon": "dashboard", - "disabled": false, - "hidden": false - }, - { - "id": "72983f63c8fade07", - "type": "ui_base", - "theme": { - "name": "theme-light", - "lightTheme": { - "default": "#0094CE", - "baseColor": "#0094CE", - "baseFont": "-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif", - "edited": false - }, - "darkTheme": { - "default": "#097479", - "baseColor": "#097479", - "baseFont": "-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif", - "edited": false - }, - "customTheme": { - "name": "Untitled Theme 1", - "default": "#4B7930", - "baseColor": "#4B7930", - "baseFont": "-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif" - }, - "themeState": { - "base-color": { - "default": "#0094CE", - "value": "#0094CE", - "edited": false - }, - "page-titlebar-backgroundColor": { - "value": "#0094CE", - "edited": false - }, - "page-backgroundColor": { - "value": "#fafafa", - "edited": false - }, - "page-sidebar-backgroundColor": { - "value": "#ffffff", - "edited": false - }, - "group-textColor": { - "value": "#1bbfff", - "edited": false - }, - "group-borderColor": { - "value": "#ffffff", - "edited": false - }, - "group-backgroundColor": { - "value": "#ffffff", - "edited": false - }, - "widget-textColor": { - "value": "#111111", - "edited": false - }, - "widget-backgroundColor": { - "value": "#0094ce", - "edited": false - }, - "widget-borderColor": { - "value": "#ffffff", - "edited": false - }, - "base-font": { - "value": "-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Oxygen-Sans,Ubuntu,Cantarell,Helvetica Neue,sans-serif" - } - }, - "angularTheme": { - "primary": "indigo", - "accents": "blue", - "warn": "red", - "background": "grey", - "palette": "light" - } - }, - "site": { - "name": "Node-RED Dashboard", - "hideToolbar": "false", - "allowSwipe": "false", - "lockMenu": "false", - "allowTempTheme": "true", - "dateFormat": "DD/MM/YYYY", - "sizes": { - "sx": 48, - "sy": 48, - "gx": 6, - "gy": 6, - "cx": 6, - "cy": 6, - "px": 0, - "py": 0 - } - } - }, - { - "id": "3db9bf25.a5ca2", - "type": "ui_form", - "z": "9c3be5f3.90e288", - "name": "form", - "label": "SALUTE", - "group": "c3abc391.1d58", - "order": 0, - "width": 0, - "height": 0, - "options": [ - { - "label": "Report Name", - "value": "name", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Location", - "value": "address", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Callsign", - "value": "userCallsign", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "report Date", - "value": "dateTime", - "type": "date", - "required": true, - "rows": null - }, - { - "label": "TimeObserved", - "value": "time", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Duration of Even", - "value": "Duration", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "event Scale", - "value": "eventScale", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Type", - "value": "type", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Equipment", - "value": "equipment", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "status", - "value": "status", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Size", - "value": "size", - "type": "number", - "required": false, - "rows": null - }, - { - "label": "Importance", - "value": "importance", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Activity", - "value": "activity", - "type": "multiline", - "required": true, - "rows": 3 - }, - { - "label": "Unit Identification", - "value": "Identification", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Assessed Threats", - "value": "AssessedThreats", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "MethodOfDetection", - "value": "Method", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Surveillance Type", - "value": "SurveillanceType", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Final Remarks", - "value": "FinalRemarks", - "type": "text", - "required": false, - "rows": null - } - ], - "formValue": { - "name": "", - "address": "", - "userCallsign": "", - "dateTime": "", - "time": "", - "Duration": "", - "eventScale": "", - "type": "", - "equipment": "", - "status": "", - "size": "", - "importance": "", - "activity": "", - "Identification": "", - "AssessedThreats": "", - "Method": "", - "SurveillanceType": "", - "FinalRemarks": "" - }, - "payload": "", - "submit": "submit", - "cancel": "cancel", - "topic": "topic", - "topicType": "msg", - "splitLayout": true, - "className": "", - "x": 230, - "y": 160, - "wires": [ - [ - "b141c7b.7bd5138", - "12195b34.dece55" - ] - ] - }, - { - "id": "1bde6131.aeec3f", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 910, - "y": 160, - "wires": [] - }, - { - "id": "2d8912f5.e50c8e", - "type": "http request", - "z": "9c3be5f3.90e288", - "name": "", - "method": "POST", - "ret": "txt", - "paytoqs": "body", - "url": "http://{{ videoserver_public_ipv4 }}:19023/ManageKML/postKML", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "senderr": false, - "x": 670, - "y": 220, - "wires": [ - [ - "1bde6131.aeec3f", - "573bdb94.029964" - ] - ] - }, - { - "id": "b141c7b.7bd5138", - "type": "function", - "z": "9c3be5f3.90e288", - "name": "Create rest", - "func": "msg.payload ={\n name: msg.payload.name,\n address: msg.payload.address,\n body :{\n userCallsign: msg.payload.userCallsign,\n dateTime: msg.payload.dateTime,\n TimeObserved: msg.payload.time,\n MethodOfDetection: msg.payload.Method,\n SurveillanceType: msg.payload.SurveillanceType,\n DurationofEvent: msg.payload.Duration,\n eventScale: msg.payload.eventScale,\n type: msg.payload.type,\n Size:msg.payload.size,\n Equipment: msg.payload.equipment,\n activity: msg.payload.activity,\n importance: msg.payload.importance,\n status: msg.payload.status,\n Identification: msg.payload.Identification,\n AssessedThreats: msg.payload.AssessedThreats,\n FinalRemarks: msg.payload.FinalRemarks\n}\n}\n\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 480, - "y": 220, - "wires": [ - [ - "2d8912f5.e50c8e", - "f14ea69be158a681" - ] - ] - }, - { - "id": "573bdb94.029964", - "type": "ui_toast", - "z": "9c3be5f3.90e288", - "position": "top right", - "displayTime": "5", - "highlight": "", - "sendall": true, - "outputs": 0, - "ok": "OK", - "cancel": "", - "raw": false, - "topic": "", - "name": "", - "x": 880, - "y": 260, - "wires": [] - }, - { - "id": "12195b34.dece55", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "false", - "statusVal": "", - "statusType": "auto", - "x": 480, - "y": 120, - "wires": [] - }, - { - "id": "f14ea69be158a681", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "REST", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 680, - "y": 120, - "wires": [] - }, - { - "id": "700f174cb7e69abe", - "type": "comment", - "z": "9c3be5f3.90e288", - "name": "Customize this!", - "info": "", - "x": 660, - "y": 340, - "wires": [] - }, - { - "id": "2a7e77e7.a92748", - "type": "http request", - "z": "e81402f5.f8254", - "name": "Post Video to FTS", - "method": "POST", - "ret": "txt", - "paytoqs": "ignore", - "url": "http://{{ videoserver_public_ipv4 }}:19023/ManageVideoStream/postVideoStream", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "credentials": { - "password": "token" - }, - "x": 970, - "y": 240, - "wires": [ - [ - "25874402.182cec", - "f8da2c2e.b2fb3" - ] - ] - }, - { - "id": "25874402.182cec", - "type": "switch", - "z": "e81402f5.f8254", - "name": "check return", - "property": "statusCode", - "propertyType": "msg", - "rules": [ - { - "t": "eq", - "v": "200", - "vt": "str" - }, - { - "t": "eq", - "v": "500", - "vt": "str" - }, - { - "t": "eq", - "v": "401", - "vt": "str" - } - ], - "checkall": "true", - "repair": false, - "outputs": 3, - "x": 1310, - "y": 240, - "wires": [ - [ - "791450ee.61b5a" - ], - [ - "1b6de090.e2467f" - ], - [ - "a48bd58e.401dc8" - ] - ] - }, - { - "id": "791450ee.61b5a", - "type": "debug", - "z": "e81402f5.f8254", - "name": "Success!", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1520, - "y": 200, - "wires": [] - }, - { - "id": "1b6de090.e2467f", - "type": "debug", - "z": "e81402f5.f8254", - "name": " INTERNAL SERVER ERROR", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1590, - "y": 240, - "wires": [] - }, - { - "id": "a48bd58e.401dc8", - "type": "debug", - "z": "e81402f5.f8254", - "name": "Non authorized", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1520, - "y": 300, - "wires": [] - }, - { - "id": "41b82d8d.8266e4", - "type": "function", - "z": "e81402f5.f8254", - "name": "CreateVideoStream", - "func": "\n msg.addr = global.get('FTH_FTS_URL');\n msg.port = global.get('FTH_FTS_API_Port');\n msg.streamPort = global.get('FTH_FTS_STREAM_Port');\n msg.streamAddress = global.get('FTH_FTS_VIDEO_URL');\n let streamPath = msg.payload;\n let alias = msg.payload;\n let streamProtocol= \"rtsp\";\n\n \n\nmsg.payload = [];\n\n msg.payload={\n alias: alias,\n streamProtocol: streamProtocol,\n streamAddress: msg.streamAddress,\n streamPort: msg.streamPort ,\n streamPath: streamPath,\n };\n \nreturn msg;\n\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 730, - "y": 280, - "wires": [ - [ - "2a7e77e7.a92748", - "351711f.8aa5aee" - ] - ] - }, - { - "id": "351711f.8aa5aee", - "type": "debug", - "z": "e81402f5.f8254", - "name": "Rest Payload", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 970, - "y": 300, - "wires": [] - }, - { - "id": "f8da2c2e.b2fb3", - "type": "debug", - "z": "e81402f5.f8254", - "name": "", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 1150, - "y": 180, - "wires": [] - }, - { - "id": "529fdac2.273054", - "type": "http request", - "z": "e81402f5.f8254", - "name": "Connect to RTSP server", - "method": "GET", - "ret": "obj", - "paytoqs": "ignore", - "url": "http://{{ videoserver_public_ipv4 }}:9997/v1/paths/list", - "tls": "", - "persist": false, - "proxy": "", - "authType": "", - "x": 490, - "y": 160, - "wires": [ - [ - "801fd65f.5be7d8", - "70339513.554ecc" - ] - ] - }, - { - "id": "801fd65f.5be7d8", - "type": "debug", - "z": "e81402f5.f8254", - "name": "received from JSON", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 540, - "y": 80, - "wires": [] - }, - { - "id": "5812cb15.cd4b04", - "type": "inject", - "z": "e81402f5.f8254", - "name": "start", - "props": [ - { - "p": "addr", - "v": "", - "vt": "date" - } - ], - "repeat": "120", - "crontab": "", - "once": false, - "onceDelay": 0.1, - "topic": "", - "payloadType": "str", - "x": 110, - "y": 80, - "wires": [ - [ - "ab5e51e8.e29b5" - ] - ] - }, - { - "id": "e7eb8030.427a4", - "type": "switch", - "z": "e81402f5.f8254", - "name": "check streams", - "property": "payload.source", - "propertyType": "msg", - "rules": [ - { - "t": "nempty" - }, - { - "t": "null" - }, - { - "t": "eq", - "v": "", - "vt": "str" - } - ], - "checkall": "true", - "repair": false, - "outputs": 3, - "x": 600, - "y": 400, - "wires": [ - [], - [ - "7fc68a9f.e82fe4" - ], - [] - ] - }, - { - "id": "7fc68a9f.e82fe4", - "type": "debug", - "z": "e81402f5.f8254", - "name": "no stream!", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 830, - "y": 440, - "wires": [] - }, - { - "id": "b6661f0d.790e8", - "type": "debug", - "z": "e81402f5.f8254", - "name": "after split", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 520, - "y": 460, - "wires": [] - }, - { - "id": "70339513.554ecc", - "type": "split", - "z": "e81402f5.f8254", - "name": "", - "splt": "\\n", - "spltType": "str", - "arraySplt": 1, - "arraySpltType": "len", - "stream": false, - "addname": "", - "x": 710, - "y": 160, - "wires": [ - [ - "ce49e6a3.280768", - "7714b387.25136c" - ] - ] - }, - { - "id": "90676aac.d49f98", - "type": "split", - "z": "e81402f5.f8254", - "name": "", - "splt": "\\n", - "spltType": "str", - "arraySplt": 1, - "arraySpltType": "len", - "stream": false, - "addname": "", - "x": 410, - "y": 420, - "wires": [ - [ - "b6661f0d.790e8", - "e7eb8030.427a4" - ] - ] - }, - { - "id": "ab5e51e8.e29b5", - "type": "function", - "z": "e81402f5.f8254", - "name": "getVideoStream", - "func": "\n msg.addr = global.get('FTH_FTS_VIDEO_URL');\n msg.port = global.get('FTH_FTS_VIDEO_API_PORT');\n \n \nreturn msg;\n\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 280, - "y": 80, - "wires": [ - [ - "529fdac2.273054" - ] - ] - }, - { - "id": "cb4abca3.6a73d", - "type": "config", - "z": "e81402f5.f8254", - "name": "FTH Global Config", - "properties": [ - { - "p": "FTH_FTS_URL", - "pt": "global", - "to": "{{ videoserver_public_ipv4 }}", - "tot": "str" - }, - { - "p": "FTH_FTS_TCP_Port", - "pt": "global", - "to": "8087", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Port", - "pt": "global", - "to": "19023", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Auth", - "pt": "global", - "to": "token", - "tot": "str" - }, - { - "p": "FTH_FTS_STREAM_Port", - "pt": "global", - "to": "8554", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_URL", - "pt": "global", - "to": "{{ videoserver_public_ipv4 }}", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_API_PORT", - "pt": "global", - "to": "9997", - "tot": "str" - } - ], - "active": true, - "x": 150, - "y": 160, - "wires": [] - }, - { - "id": "ce49e6a3.280768", - "type": "debug", - "z": "e81402f5.f8254", - "name": "conf name", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 770, - "y": 60, - "wires": [] - }, - { - "id": "7714b387.25136c", - "type": "function", - "z": "e81402f5.f8254", - "name": "", - "func": "\nnode.warn(Object.keys(msg.payload).length);\nfor (let i = 0; i < Object.keys(msg.payload).length; i++) { \n // node.warn(Object.keys(msg.payload)[i])\n if (Object.values(msg.payload)[i].source){\n msg.payload = \"/\"+Object.keys(msg.payload)[i]\n node.send(msg)\n }\n}\nreturn;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 860, - "y": 160, - "wires": [ - [ - "41b82d8d.8266e4", - "b6146596.a3aeb8" - ] - ] - }, - { - "id": "b6146596.a3aeb8", - "type": "debug", - "z": "e81402f5.f8254", - "name": "after function", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1010, - "y": 80, - "wires": [] - }, - { - "id": "bfadd2cc.7c368", - "type": "inject", - "z": "e81402f5.f8254", - "name": "", - "props": [ - { - "p": "payload" - }, - { - "p": "topic", - "vt": "str" - } - ], - "repeat": "", - "crontab": "", - "once": false, - "onceDelay": 0.1, - "topic": "", - "payload": "", - "payloadType": "date", - "x": 390, - "y": 520, - "wires": [ - [ - "a4bc3376.a38dd" - ] - ] - }, - { - "id": "a4bc3376.a38dd", - "type": "function", - "z": "e81402f5.f8254", - "name": "", - "func": "var colors=[\"red\",\"blue\",\"green\"];\nfor (let i = 0; i < colors.length; i++) { \n msg.payload = colors[i]\n node.send(msg);\n}\nreturn;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 580, - "y": 520, - "wires": [ - [ - "c290bbb3.401e98" - ] - ] - }, - { - "id": "c290bbb3.401e98", - "type": "debug", - "z": "e81402f5.f8254", - "name": "", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "false", - "statusVal": "", - "statusType": "auto", - "x": 790, - "y": 520, - "wires": [] - }, - { - "id": "9946c2419fd3c3ae", - "type": "inject", - "z": "db2b165142e8c36a", - "name": "", - "props": [ - { - "p": "payload" - }, - { - "p": "topic", - "vt": "str" - } - ], - "repeat": "120", - "crontab": "", - "once": true, - "onceDelay": 0.1, - "topic": "", - "payload": "", - "payloadType": "date", - "x": 170, - "y": 160, - "wires": [ - [ - "33593e8ece650844" - ] - ] - }, - { - "id": "33593e8ece650844", - "type": "function", - "z": "db2b165142e8c36a", - "name": "CoT Ping", - "func": " msg.host = global.get('FTH_FTS_URL');\n msg.port = global.get('FTH_FTS_TCP_Port');\nconst dt = Date.now();\nconst dtD = new Date(dt).toISOString();\nconst dtD5 = new Date(dt + 250000).toISOString();\n\nmsg.payload = {\n event: {\n \"$\": { \n version: \"2.0\", \n type: \"t-x-d-d\", \n uid : \"node-red\",\n time: dtD,\n start: dtD,\n stale: dtD5,\n how: \"m-g\"\n }\n }\n \n}\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [ - - ], - "x": 320, - "y": 160, - "wires": [ - [ - "7a0f7d3e4099e946" - ] - ] - }, - { - "id": "7a0f7d3e4099e946", - "type": "xml", - "z": "db2b165142e8c36a", - "name": "", - "property": "payload", - "attr": "", - "chr": "", - "x": 450, - "y": 160, - "wires": [ - [ - "52446a6c25605721" - ] - ] - }, - { - "id": "7c52084b496b83bc", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Keep Server Connection Alive", - "info": "", - "x": 200, - "y": 120, - "wires": [ - - ] - }, - { - "id": "52446a6c25605721", - "type": "tcp request", - "z": "db2b165142e8c36a", - "name": "FTS Server", - "server": "", - "port": "", - "out": "sit", - "ret": "buffer", - "splitc": " ", - "x": 590, - "y": 160, - "wires": [ - [ - "3c62054705949d69", - "4134eaa89c5c71e0" - ] - ] - }, - { - "id": "3c62054705949d69", - "type": "function", - "z": "db2b165142e8c36a", - "name": "buf->str", - "func": "/*\nlet oldPayload = msg.payload;\nmsg.payload = oldPayload.toString();\nreturn msg;\n*/\n\nvar rest = context.rest || \"\";\nvar p = rest + msg.payload.toString();\nvar b = p.split(\"\");\nwhile (b.length > 1) {\n var m = b.shift();\n node.send({ payload: m + \"\" });\n}\ncontext.rest = b;\nreturn;\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [ - - ], - "x": 740, - "y": 160, - "wires": [ - [ - "91213e2448bab185" - ] - ] - }, - { - "id": "91213e2448bab185", - "type": "xml", - "z": "db2b165142e8c36a", - "name": "", - "property": "payload", - "attr": "", - "chr": "", - "x": 870, - "y": 160, - "wires": [ - [ - "4b3df29696d9fc8f" - ] - ] - }, - { - "id": "8c35a77a0d0d3f3d", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Connect to FTS", - "info": "", - "x": 600, - "y": 120, - "wires": [ - - ] - }, - { - "id": "586a2364ecb46529", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Convert to Worldmap Payload", - "info": "", - "x": 1060, - "y": 120, - "wires": [ - - ] - }, - { - "id": "885b808dd8a4895d", - "type": "debug", - "z": "db2b165142e8c36a", - "name": "TAK map output", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1260, - "y": 80, - "wires": [ - - ] - }, - { - "id": "3a1205e793d055fa", - "type": "worldmap", - "z": "db2b165142e8c36a", - "name": "TAK Map", - "lat": "43", - "lon": "13", - "zoom": "4", - "layer": "EsriDG", - "cluster": "", - "maxage": "5000", - "usermenu": "show", - "layers": "show", - "panit": "false", - "panlock": "false", - "zoomlock": "false", - "hiderightclick": "false", - "coords": "deg", - "showgrid": "true", - "allowFileDrop": "true", - "path": "/tak-map", - "overlist": "DR,CO,RA,DN,BU,RW,SN,AC,TL,HM", - "maplist": "OSMG,OSMC,EsriC,EsriS,EsriT,EsriO,EsriDG,NatGeo,OpTop,SW", - "mapname": "", - "mapurl": "", - "mapopt": "", - "mapwms": false, - "x": 1240, - "y": 220, - "wires": [ - - ] - }, - { - "id": "71787ea1acdd3c9a", - "type": "worldmap in", - "z": "db2b165142e8c36a", - "name": "", - "path": "/tak-map", - "events": "connect", - "x": 220, - "y": 280, - "wires": [ - [ - "3f1c45fae45fc2ae" - ] - ] - }, - { - "id": "361f42b16f36cb0d", - "type": "worldmap in", - "z": "db2b165142e8c36a", - "name": "event", - "path": "/tak-map", - "events": "other", - "x": 190, - "y": 380, - "wires": [ - [ - "9e3dcf9240c85d5a" - ] - ] - }, - { - "id": "bf877041be384805", - "type": "debug", - "z": "db2b165142e8c36a", - "name": "No form!!", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 560, - "y": 540, - "wires": [ - - ] - }, - { - "id": "3f1c45fae45fc2ae", - "type": "function", - "z": "db2b165142e8c36a", - "name": "form", - "func": "msg.payload = { command: {\ncontextmenu: String.raw`\n\n\n\n\n\n\n\n\n\n\n
Attitude
Type
TimeoutS
Name
\n`\n}}\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [ - - ], - "x": 1010, - "y": 260, - "wires": [ - [ - "3a1205e793d055fa" - ] - ] - }, - { - "id": "17650e362d95de70", - "type": "config", - "z": "db2b165142e8c36a", - "name": "FTH Global Config", - "properties": [ - { - "p": "FTH_FTS_URL", - "pt": "global", - "to": "{{ videoserver_public_ipv4 }}", - "tot": "str" - }, - { - "p": "FTH_FTS_TCP_Port", - "pt": "global", - "to": "8087", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Port", - "pt": "global", - "to": "19023", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Auth", - "pt": "global", - "to": "token", - "tot": "str" - }, - { - "p": "FTH_FTS_STREAM_Port", - "pt": "global", - "to": "8554", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_URL", - "pt": "global", - "to": "{{ videoserver_public_ipv4 }}", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_API_PORT", - "pt": "global", - "to": "9997", - "tot": "str" - } - ], - "active": true, - "x": 190, - "y": 80, - "wires": [ - - ] - }, - { - "id": "f9c1c3d2b0dcf4da", - "type": "http request", - "z": "db2b165142e8c36a", - "name": "Post COT to FTS", - "method": "POST", - "ret": "txt", - "paytoqs": "ignore", - "url": "http://{{ videoserver_public_ipv4 }}:19023/ManageGeoObject/postGeoObject", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "credentials": { - "password": "token" - }, - "senderr": false, - "x": 890, - "y": 440, - "wires": [ - [ - "e42b1fdd3dd68980" - ] - ] - }, - { - "id": "64334cba1273e06c", - "type": "function", - "z": "db2b165142e8c36a", - "name": "", - "func": "\n msg.addr = global.get('FTH_FTS_URL');\n msg.port = global.get('FTH_FTS_API_Port');\nlet lon = msg.payload.lon;\n let lat = msg.payload.lat;\n let attitude = msg.payload.value.attitude;\n let geoobject = msg.payload.value.geobject;\n let timeOut = msg.payload.name.timeout;\n let aName = msg.payload.value.name;\n let token = global.get('FTH_FTS_API_Auth');\n\n \nmsg.headers = {};\nmsg.headers['Authorization'] = \"Bearer \"+ token;\n \n\nmsg.payload = [];\n\n msg.payload={\n longitude: lon,\n latitude: lat,\nattitude: attitude,\ngeoObject: geoobject,\nhow: \"nonCoT\",\nname: aName,\ntimeout: timeOut \n };\n \nreturn msg;\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [ - - ], - "x": 680, - "y": 440, - "wires": [ - [ - "f9c1c3d2b0dcf4da" - ] - ] - }, - { - "id": "e42b1fdd3dd68980", - "type": "debug", - "z": "db2b165142e8c36a", - "name": "API Response", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1120, - "y": 440, - "wires": [ - - ] - }, - { - "id": "9e3dcf9240c85d5a", - "type": "switch", - "z": "db2b165142e8c36a", - "name": "check message", - "property": "payload.value.name", - "propertyType": "msg", - "rules": [ - { - "t": "nempty" - }, - { - "t": "empty" - } - ], - "checkall": "true", - "repair": false, - "outputs": 2, - "x": 440, - "y": 420, - "wires": [ - [ - "64334cba1273e06c" - ], - [ - "bf877041be384805" - ] - ] - }, - { - "id": "647af514a3fc61f2", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Add the menu", - "info": "", - "x": 210, - "y": 240, - "wires": [ - - ] - }, - { - "id": "57d4f22db956d69b", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Get the result from the post", - "info": "", - "x": 230, - "y": 340, - "wires": [ - - ] - }, - { - "id": "0565f229206163d0", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "CONFIG ME!!!!", - "info": "", - "x": 170, - "y": 40, - "wires": [ - - ] - }, - { - "id": "4134eaa89c5c71e0", - "type": "debug", - "z": "db2b165142e8c36a", - "name": "Strem output", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 770, - "y": 80, - "wires": [ - - ] - }, - { - "id": "4b3df29696d9fc8f", - "type": "function", - "z": "db2b165142e8c36a", - "name": "CoT to Map", - "func": "/*\nThe following block of code transforms a JSONified CoT Event into a Worldmap \nPoint Payload.\n*/\nlet ttl= 3600;\nlet deleted = false; //= 'undefined';\nlet invalid = 9999999;\nlet event = msg.payload[\"event\"];\n\n/* \nIf the CoT Event contains Detail Elements, extract the first one.\nIf there are no Detail Elements, break.\n*/\nlet _detail = event[\"detail\"];\nif (_detail === undefined) { return null; }\nlet detail = _detail[0];\n\n/*\nIf the CoT Event contains a Point element, use it. If not, break.\n*/\nlet point = event[\"point\"];\nif (point === undefined) { return null; }\n\n/* We'll use UID a couple of times, so lets set it as a variable here. */\nlet uid = event[\"$\"][\"uid\"];\n\n/* Extract the Event Type and Affiliation. */\nlet eventType = event[\"$\"][\"type\"];\nif (eventType === \"t-x-d-d\") { return; } // ignore pings\n\nlet et = eventType.split(\"-\");\nlet affil = et[1];\n\n/* There is no '.' notation in SDR, so mark Neutral. */\nif (affil.includes(\".\")) { affil = \"n\"; } \n\n/* Ram the CoT Event Type portions into a SIDR Type */\nlet SIDC = `s${affil}${et[2]}p${et[3] || \"-\" }${et[4] || \"-\" }${et[5] || \"-\" }--------`;\n\n/* Now handle all the weird extra CoT ones... */\nif ((/a-.-X-i-o/).test(eventType)) { SIDC = `E${affil}IP--------` }\nelse if ((/a-.-X-i-g-a/).test(eventType)) { SIDC = `EFNPAB------` }\nelse if ((/a-.-X-i-g-e/).test(eventType)) { SIDC = `EFNPAC------` }\nelse if ((/a-.-X-i-g-l/).test(eventType)) { SIDC = `EFNPAD------` }\nelse if ((/a-.-X-i-g-s/).test(eventType)) { SIDC = `EFNPAE------` }\nelse if ((/a-.-X-i-g-v-e/).test(eventType)) { SIDC = `WFSPWSVE----` }\nelse if ((/a-.-X-i-g-v/).test(eventType)) { SIDC = `EFNPAG------` }\nelse if ((/a-.-X-i-g/).test(eventType)) { SIDC = `E${affil}NPA-------` }\nelse if ((/a-.-X-i-m-c/).test(eventType)) { SIDC = `WFSPWSTSS---` }\nelse if ((/a-.-X-i-m-d/).test(eventType)) { SIDC = `EFNPBB------` }\nelse if ((/a-.-X-i-m-n/).test(eventType)) { SIDC = `EFNPBM------` }\nelse if ((/a-.-X-i-f/).test(eventType)) { SIDC = `E${affil}IPC-------` }\nelse if ((/a-.-X-i-h/).test(eventType)) { SIDC = `E${affil}OPA-------` }\nelse if ((/a-.-X-i-t-v-a/).test(eventType)) { SIDC = `E${affil}IPHA------` }\n\nelse if ((/a-.-G-I-X-H/).test(eventType)) { SIDC = `S${affil}GPIXH---H-` }\nelse if ((/a-.-G-I-i-l/).test(eventType)) { SIDC = `E${affil}OPDJC-----` }\nelse if ((/a-.-G-I-R-P/).test(eventType)) { SIDC = `S${affil}GPIRP---H-` }\nelse if ((/a-.-G-I-U-E/).test(eventType)) { SIDC = `S${affil}GPIUE---H-` }\nelse if ((/a-.-G-I-U-T/).test(eventType)) { SIDC = `S${affil}GPIUT---H-` }\nelse if ((/a-.-G-I-i-e/).test(eventType)) { SIDC = `E${affil}OPBC------` }\n\nelse if ((/a-.-G-U-C-V-R-E/).test(eventType)) { SIDC = `S${affil}APMFO-----` }\nelse if ((/a-.-A-M-F-Q-H/).test(eventType)) { SIDC = `S${affil}APMFH-----` }\n\nelse if ((/a-.-G-I-U-T/).test(eventType)) { SIDC = `S${affil}GPIUT---H-` }\nelse if ((/b-r-.-O-I-V/).test(eventType)) { SIDC = `S${affil}EFIPAC------` }\n// emrgency open send symbol and reduce ttl\nelse if ((/b-a-o-opn/).test(eventType)) \n{ SIDC = `S${affil}SFGDU-------` ;\n//{ SIDC = `S${affil}EFIPBF------` ;\nttl = 360; \n}\n//emergency is closed SFGDU-------\nelse if ((/b-a-o-can/).test(eventType)) { deleted = true }\n\n\nconsole.log(eventType,\"--->\",SIDC);\nSIDC = SIDC.substr(0, 12).toUpperCase();\n\n/* \nPoints on the Worldmap can only have one uniquite identifier, which is also\nthat Points display name. If possible, use a Callsign, otherwise use UID.\n*/\nlet callsign;\nlet _contact = detail[\"contact\"];\nif (_contact === undefined) {\n callsign = uid;\n} else {\n callsign = _contact[0][\"$\"][\"callsign\"]; \n}\n\n/* Mouse-over Label */\nlet label = `Callsign: ${callsign} UID: ${uid}
Type: ${eventType} SIDC: ${SIDC}`\n\nlet remarks = detail[\"remarks\"];\nif (remarks) {\n let remark = remarks[0][\"$\"];\n label = `${label}
${remark}`;\n}\n\nlet track = detail[\"track\"]\nlet bearing = null;\nlet speed = null;\n\nif (track) {\n let course = +track[0][\"$\"][\"course\"];\n if (course) {\n if (course !== invalid) {\n bearing = course;\n }\n }\n\n let _speed = +track[0][\"$\"][\"speed\"];\n if (_speed) {\n if (_speed !== invalid) {\n speed = _speed;\n }\n }\n}\n\n/* \nIf CoT Point CE is set and is not invalid, use that as Worldmap Point Accuracy. \n*/\nlet accuracy = null;\nlet ce = +event[\"point\"][0][\"$\"][\"ce\"];\nif (ce != invalid) { accuracy = ce; }\n\n/* Add a helpful weblink to Worldmap Points. */\nlet weblink = null;\nif (uid.includes(\"ICAO\")) {\n weblink = `https://globe.adsbexchange.com/?icao=${uid.replace(\"ICAO-\", \"\")}`;\n} else if (uid.includes(\"APRS\")) {\n weblink = `https://qrz.com/db/${uid.replace(\"APRS.\", \"\").split(\"-\")[0]}`;\n}\nelse{\n weblink = 'https://spatialillusions.com/unitgenerator/';\n}\n\nlet lat = +event[\"point\"][0][\"$\"][\"lat\"];\nlet lon = +event[\"point\"][0][\"$\"][\"lon\"];\nlet alt = +event[\"point\"][0][\"$\"][\"hae\"];\nif (alt == invalid) { alt = undefined; }\n\nif (lat == 0 && lon == 0 && !alt) {\n console.log(callsign,\"is at null island.\",eventType)\n lat = Math.round(1000000 * lat + Math.random() * 10000) / 1000000;\n lon = Math.round(1000000 * lon + Math.random() * 10000) / 1000000;\n}\n\n/* Serialize as a Worldmap compatible Payload. */\nmsg.payload = {\n name: callsign,\n tooltip: label,\ndeleted: deleted,\n lat: lat,\n lon: lon,\n alt: alt,\n speed: speed,\n bearing: bearing,\n accuracy: accuracy,\n type: eventType,\n SIDC: SIDC,\n ttl: ttl,\n weblink: weblink,\n layer: eventType,\n options: { scale:0.8 }\n}\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [ - - ], - "x": 1010, - "y": 160, - "wires": [ - [ - "3a1205e793d055fa", - "885b808dd8a4895d" - ] - ] - }, - { - "id": "bbaeafe55e6385e4", - "type": "comment", - "z": "db2b165142e8c36a", - "name": "API Token here", - "info": "", - "x": 880, - "y": 400, - "wires": [ - - ] - } -] diff --git a/roles/nodered/templates/old.salute.json.j2 b/roles/nodered/templates/old.salute.json.j2 deleted file mode 100644 index 2bba140..0000000 --- a/roles/nodered/templates/old.salute.json.j2 +++ /dev/null @@ -1,313 +0,0 @@ -[ - { - "id": "9c3be5f3.90e288", - "type": "tab", - "label": "SALUTE", - "disabled": false, - "info": "", - "env": [] - }, - { - "id": "3db9bf25.a5ca2", - "type": "ui_form", - "z": "9c3be5f3.90e288", - "name": "form", - "label": "SALUTE", - "group": "c3abc391.1d58", - "order": 0, - "width": 0, - "height": 0, - "options": [ - { - "label": "Report Name", - "value": "name", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Location", - "value": "address", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Callsign", - "value": "userCallsign", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "report Date", - "value": "dateTime", - "type": "date", - "required": true, - "rows": null - }, - { - "label": "TimeObserved", - "value": "time", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Duration of Even", - "value": "Duration", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "event Scale", - "value": "eventScale", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Type", - "value": "type", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Equipment", - "value": "equipment", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "status", - "value": "status", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Size", - "value": "size", - "type": "number", - "required": false, - "rows": null - }, - { - "label": "Importance", - "value": "importance", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Activity", - "value": "activity", - "type": "multiline", - "required": true, - "rows": 3 - }, - { - "label": "Unit Identification", - "value": "Identification", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Assessed Threats", - "value": "AssessedThreats", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "MethodOfDetection", - "value": "Method", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Surveillance Type", - "value": "SurveillanceType", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Final Remarks", - "value": "FinalRemarks", - "type": "text", - "required": false, - "rows": null - } - ], - "formValue": { - "name": "", - "address": "", - "userCallsign": "", - "dateTime": "", - "time": "", - "Duration": "", - "eventScale": "", - "type": "", - "equipment": "", - "status": "", - "size": "", - "importance": "", - "activity": "", - "Identification": "", - "AssessedThreats": "", - "Method": "", - "SurveillanceType": "", - "FinalRemarks": "" - }, - "payload": "", - "submit": "submit", - "cancel": "cancel", - "topic": "topic", - "topicType": "msg", - "splitLayout": true, - "className": "", - "x": 130, - "y": 300, - "wires": [ - [ - "b141c7b.7bd5138", - "12195b34.dece55" - ] - ] - }, - { - "id": "1bde6131.aeec3f", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 850, - "y": 260, - "wires": [] - }, - { - "id": "2d8912f5.e50c8e", - "type": "http request", - "z": "9c3be5f3.90e288", - "name": "", - "method": "POST", - "ret": "txt", - "paytoqs": "body", - "url": "http://0.0.0.0:19023/ManageKML/postKML", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "senderr": false, - "x": 670, - "y": 320, - "wires": [ - [ - "1bde6131.aeec3f", - "573bdb94.029964" - ] - ] - }, - { - "id": "b141c7b.7bd5138", - "type": "function", - "z": "9c3be5f3.90e288", - "name": "Create rest", - "func": "msg.payload ={\n name: msg.payload.name,\n address: msg.payload.address,\n body :{\n userCallsign: msg.payload.userCallsign,\n dateTime: msg.payload.dateTime,\n TimeObserved: msg.payload.time,\n MethodOfDetection: msg.payload.Method,\n SurveillanceType: msg.payload.SurveillanceType,\n DurationofEvent: msg.payload.Duration,\n eventScale: msg.payload.eventScale,\n type: msg.payload.type,\n Size:msg.payload.size,\n Equipment: msg.payload.equipment,\n activity: msg.payload.activity,\n importance: msg.payload.importance,\n status: msg.payload.status,\n Identification: msg.payload.Identification,\n AssessedThreats: msg.payload.AssessedThreats,\n FinalRemarks: msg.payload.FinalRemarks\n}\n}\n\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 480, - "y": 320, - "wires": [ - [ - "2d8912f5.e50c8e", - "f14ea69be158a681" - ] - ] - }, - { - "id": "573bdb94.029964", - "type": "ui_toast", - "z": "9c3be5f3.90e288", - "position": "top right", - "displayTime": "5", - "highlight": "", - "sendall": true, - "outputs": 0, - "ok": "OK", - "cancel": "", - "raw": false, - "topic": "", - "name": "", - "x": 910, - "y": 380, - "wires": [] - }, - { - "id": "12195b34.dece55", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "false", - "statusVal": "", - "statusType": "auto", - "x": 390, - "y": 280, - "wires": [] - }, - { - "id": "f14ea69be158a681", - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "REST", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 670, - "y": 240, - "wires": [] - }, - { - "id": "c3abc391.1d58", - "type": "ui_group", - "name": "SALUTE Form", - "tab": "5809210.24f5ce", - "order": 1, - "disp": true, - "width": "12", - "collapse": false - }, - { - "id": "5809210.24f5ce", - "type": "ui_tab", - "name": "FTS Forms", - "icon": "dashboard", - "disabled": false, - "hidden": false - } -] diff --git a/roles/nodered/templates/salute.json.j2 b/roles/nodered/templates/salute.json.j2 deleted file mode 100644 index c1163e8..0000000 --- a/roles/nodered/templates/salute.json.j2 +++ /dev/null @@ -1,295 +0,0 @@ -{ - "label": "SALUTE", - "disabled": false, - "info": "", - "env": [], - "nodes": [ - { - "type": "ui_form", - "z": "9c3be5f3.90e288", - "name": "form", - "label": "SALUTE", - "group": "c3abc391.1d58", - "order": 0, - "width": 0, - "height": 0, - "options": [ - { - "label": "Report Name", - "value": "name", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Location", - "value": "address", - "type": "text", - "required": true, - "rows": null - }, - { - "label": "Callsign", - "value": "userCallsign", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "report Date", - "value": "dateTime", - "type": "date", - "required": true, - "rows": null - }, - { - "label": "TimeObserved", - "value": "time", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Duration of Even", - "value": "Duration", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "event Scale", - "value": "eventScale", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Type", - "value": "type", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Equipment", - "value": "equipment", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "status", - "value": "status", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Size", - "value": "size", - "type": "number", - "required": false, - "rows": null - }, - { - "label": "Importance", - "value": "importance", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Activity", - "value": "activity", - "type": "multiline", - "required": true, - "rows": 3 - }, - { - "label": "Unit Identification", - "value": "Identification", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Assessed Threats", - "value": "AssessedThreats", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "MethodOfDetection", - "value": "Method", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Surveillance Type", - "value": "SurveillanceType", - "type": "text", - "required": false, - "rows": null - }, - { - "label": "Final Remarks", - "value": "FinalRemarks", - "type": "text", - "required": false, - "rows": null - } - ], - "formValue": { - "name": "", - "address": "", - "userCallsign": "", - "dateTime": "", - "time": "", - "Duration": "", - "eventScale": "", - "type": "", - "equipment": "", - "status": "", - "size": "", - "importance": "", - "activity": "", - "Identification": "", - "AssessedThreats": "", - "Method": "", - "SurveillanceType": "", - "FinalRemarks": "" - }, - "payload": "", - "submit": "submit", - "cancel": "cancel", - "topic": "topic", - "topicType": "msg", - "splitLayout": true, - "className": "", - "x": 230, - "y": 160, - "wires": [ - [ - "b141c7b.7bd5138", - "12195b34.dece55" - ] - ] - }, - { - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "true", - "targetType": "full", - "statusVal": "", - "statusType": "auto", - "x": 910, - "y": 160, - "wires": [] - }, - { - "type": "http request", - "z": "9c3be5f3.90e288", - "name": "", - "method": "POST", - "ret": "txt", - "paytoqs": "body", - "url": "http://0.0.0.0:19023/ManageKML/postKML", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "senderr": false, - "x": 670, - "y": 220, - "wires": [ - [ - "1bde6131.aeec3f", - "573bdb94.029964" - ] - ] - }, - { - "type": "function", - "z": "9c3be5f3.90e288", - "name": "Create rest", - "func": "msg.payload ={\n name: msg.payload.name,\n address: msg.payload.address,\n body :{\n userCallsign: msg.payload.userCallsign,\n dateTime: msg.payload.dateTime,\n TimeObserved: msg.payload.time,\n MethodOfDetection: msg.payload.Method,\n SurveillanceType: msg.payload.SurveillanceType,\n DurationofEvent: msg.payload.Duration,\n eventScale: msg.payload.eventScale,\n type: msg.payload.type,\n Size:msg.payload.size,\n Equipment: msg.payload.equipment,\n activity: msg.payload.activity,\n importance: msg.payload.importance,\n status: msg.payload.status,\n Identification: msg.payload.Identification,\n AssessedThreats: msg.payload.AssessedThreats,\n FinalRemarks: msg.payload.FinalRemarks\n}\n}\n\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 480, - "y": 220, - "wires": [ - [ - "2d8912f5.e50c8e", - "f14ea69be158a681" - ] - ] - }, - { - "type": "ui_toast", - "z": "9c3be5f3.90e288", - "position": "top right", - "displayTime": "5", - "highlight": "", - "sendall": true, - "outputs": 0, - "ok": "OK", - "cancel": "", - "raw": false, - "topic": "", - "name": "", - "x": 880, - "y": 260, - "wires": [] - }, - { - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "false", - "statusVal": "", - "statusType": "auto", - "x": 480, - "y": 120, - "wires": [] - }, - { - "type": "debug", - "z": "9c3be5f3.90e288", - "name": "REST", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 680, - "y": 120, - "wires": [] - }, - { - "type": "comment", - "z": "9c3be5f3.90e288", - "name": "Customize this!", - "info": "", - "x": 660, - "y": 340, - "wires": [] - } - ] -} diff --git a/roles/nodered/templates/webmap.json.j2 b/roles/nodered/templates/webmap.json.j2 deleted file mode 100644 index 3ca7ef0..0000000 --- a/roles/nodered/templates/webmap.json.j2 +++ /dev/null @@ -1,504 +0,0 @@ -{ - "label": "Web Map 2", - "disabled": false, - "info": "Get the flow of COT from FTS and display on a web map (credit @ampledata#8354)", - "nodes": [ - { - "type": "inject", - "z": "db2b165142e8c36a", - "name": "", - "props": [ - { - "p": "payload" - }, - { - "p": "topic", - "vt": "str" - } - ], - "repeat": "120", - "crontab": "", - "once": true, - "onceDelay": 0.1, - "topic": "", - "payload": "", - "payloadType": "date", - "x": 170, - "y": 160, - "wires": [ - [ - "33593e8ece650844" - ] - ] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "CoT Ping", - "func": " msg.host = global.get('FTH_FTS_URL');\n msg.port = global.get('FTH_FTS_TCP_Port');\nconst dt = Date.now();\nconst dtD = new Date(dt).toISOString();\nconst dtD5 = new Date(dt + 250000).toISOString();\n\nmsg.payload = {\n event: {\n \"$\": { \n version: \"2.0\", \n type: \"t-x-d-d\", \n uid : \"node-red\",\n time: dtD,\n start: dtD,\n stale: dtD5,\n how: \"m-g\"\n }\n }\n \n}\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 320, - "y": 160, - "wires": [ - [ - "7a0f7d3e4099e946" - ] - ] - }, - { - "type": "xml", - "z": "db2b165142e8c36a", - "name": "", - "property": "payload", - "attr": "", - "chr": "", - "x": 450, - "y": 160, - "wires": [ - [ - "52446a6c25605721" - ] - ] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Keep Server Connection Alive", - "info": "", - "x": 200, - "y": 120, - "wires": [] - }, - { - "type": "tcp request", - "z": "db2b165142e8c36a", - "name": "FTS Server", - "server": "", - "port": "", - "out": "sit", - "ret": "buffer", - "splitc": " ", - "x": 590, - "y": 160, - "wires": [ - [ - "3c62054705949d69", - "4134eaa89c5c71e0" - ] - ] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "buf->str", - "func": "/*\nlet oldPayload = msg.payload;\nmsg.payload = oldPayload.toString();\nreturn msg;\n*/\n\nvar rest = context.rest || \"\";\nvar p = rest + msg.payload.toString();\nvar b = p.split(\"\");\nwhile (b.length > 1) {\n var m = b.shift();\n node.send({ payload: m + \"\" });\n}\ncontext.rest = b;\nreturn;\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 740, - "y": 160, - "wires": [ - [ - "91213e2448bab185" - ] - ] - }, - { - "type": "xml", - "z": "db2b165142e8c36a", - "name": "", - "property": "payload", - "attr": "", - "chr": "", - "x": 870, - "y": 160, - "wires": [ - [ - "4b3df29696d9fc8f" - ] - ] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "CoT to Map", - "func": "/*\nThe following block of code transforms a JSONified CoT Event into a Worldmap \nPoint Payload.\n*/\n\nlet invalid = 9999999;\nlet event = msg.payload[\"event\"];\n\n/* \nIf the CoT Event contains Detail Elements, extract the first one.\nIf there are no Detail Elements, break.\n*/\nlet _detail = event[\"detail\"];\nif (_detail === undefined) { return null; }\nlet detail = _detail[0];\n\n/*\nIf the CoT Event contains a Point element, use it. If not, break.\n*/\nlet point = event[\"point\"];\nif (point === undefined) { return null; }\n\n/* We'll use UID a couple of times, so lets set it as a variable here. */\nlet uid = event[\"$\"][\"uid\"];\n\n/* Extract the Event Type and Affiliation. */\nlet eventType = event[\"$\"][\"type\"];\nif (eventType === \"t-x-d-d\") { return; } // ignore pings\nconsole.log(eventType);\nlet et = eventType.split(\"-\");\nlet affil = et[1];\n\n/* There is no '.' notation in SDR, so mark Neutral. */\nif (affil.includes(\".\")) { affil = \"n\"; } \n\n/* Ram the CoT Event Type portions into a SIDR Type */\nlet SIDC = `s${affil}${et[2]}p${et[3] || \"-\" }${et[4] || \"-\" }${et[5] || \"-\" }--------`;\nSIDC = SIDC.substr(0,12).toUpperCase();\n\n/* Now handle all the weird extra CoT ones... */\nif (eventType === \"a-h-X-i-o\") { \n console.log(\"XIO--->\",SIDC)\n SIDC = \"EHIP--------\" }\nelse if (eventType === \"a-h-X-i-m-d\") { \n console.log(\"XIMD--->\",SIDC)\n SIDC = \"EHNPBB------\" }\nelse if (eventType === \"a-h-X-i-g-e\") { \n console.log(\"XIGE--->\",SIDC)\n SIDC = \"EHNPAC------\" }\n\n\nconsole.log(SIDC);\n\n/* \nPoints on the Worldmap can only have one uniquite identifier, which is also\nthat Points display name. If possible, use a Callsign, otherwise use UID.\n*/\nlet callsign;\nlet _contact = detail[\"contact\"];\nif (_contact === undefined) {\n callsign = uid;\n} else {\n callsign = _contact[0][\"$\"][\"callsign\"]; \n}\n\n/* Mouse-over Label */\nlet label = `Callsign: ${callsign} UID: ${uid}
Type: ${eventType} SIDC: ${SIDC}`\n\nlet remarks = detail[\"remarks\"];\nif (remarks) {\n let remark = remarks[0][\"$\"];\n label = `${label}
${remark}`;\n}\n\nlet track = detail[\"track\"]\nlet bearing = null;\nlet speed = null;\n\nif (track) {\n let course = +track[0][\"$\"][\"course\"];\n if (course) {\n if (course !== invalid && course.toString() !== \"0\") {\n bearing = course;\n }\n }\n\n let _speed = track[0][\"$\"][\"speed\"];\n if (_speed) {\n if (_speed.toString() !== invalid) {\n speed = _speed;\n }\n }\n}\n\n/* \nIf CoT Point CE is set and is not invalid, use that as Worldmap Point Accuracy. \n*/\nlet accuracy = null;\nlet ce = event[\"point\"][0][\"$\"][\"ce\"];\nif (ce.toString() != invalid) { accuracy = ce; }\n\n/* Add a helpful weblink to Worldmap Points. */\nlet weblink = null;\nif (uid.includes(\"ICAO\")) {\n weblink = `https://globe.adsbexchange.com/?icao=${uid.replace(\"ICAO-\", \"\")}`;\n} else if (uid.includes(\"APRS\")) {\n weblink = `https://qrz.com/db/${uid.replace(\"APRS.\", \"\").split(\"-\")[0]}`;\n}\n\nlet lat = event[\"point\"][0][\"$\"][\"lat\"];\nlet lon = event[\"point\"][0][\"$\"][\"lon\"];\nlet alt = event[\"point\"][0][\"$\"][\"hae\"];\n\nif (lat == 0 && lon == 0 && alt == 0) {\n console.log(callsign,\"is at null island.\",eventType)\n lat = Math.round(1000000 * lat + Math.random() * 10000) / 1000000;\n lon = Math.round(1000000 * lon + Math.random() * 10000) / 1000000;\n}\n\n/* Serialize as a Worldmap compatible Payload. */\nmsg.payload = {\n name: callsign,\n tooltip: label,\n lat: lat,\n lon: lon,\n alt: alt,\n speed: speed,\n bearing: bearing,\n accuracy: accuracy,\n SIDC: SIDC,\n ttl: 600,\n weblink: weblink,\n layer: eventType,\n options: {scale:0.8}\n}\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 990, - "y": 40, - "wires": [ - [] - ] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Connect to FTS", - "info": "", - "x": 600, - "y": 120, - "wires": [] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Convert to Worldmap Payload", - "info": "", - "x": 1060, - "y": 120, - "wires": [] - }, - { - "type": "debug", - "z": "db2b165142e8c36a", - "name": "TAK map output", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1260, - "y": 80, - "wires": [] - }, - { - "type": "worldmap", - "z": "db2b165142e8c36a", - "name": "TAK Map", - "lat": "43", - "lon": "13", - "zoom": "4", - "layer": "EsriDG", - "cluster": "", - "maxage": "5000", - "usermenu": "show", - "layers": "show", - "panit": "false", - "panlock": "false", - "zoomlock": "false", - "hiderightclick": "false", - "coords": "deg", - "showgrid": "true", - "allowFileDrop": "true", - "path": "/tak-map", - "overlist": "DR,CO,RA,DN,BU,RW,SN,AC,TL,HM", - "maplist": "OSMG,OSMC,EsriC,EsriS,EsriT,EsriO,EsriDG,NatGeo,OpTop,SW", - "mapname": "", - "mapurl": "", - "mapopt": "", - "mapwms": false, - "x": 1240, - "y": 220, - "wires": [] - }, - { - "type": "worldmap in", - "z": "db2b165142e8c36a", - "name": "", - "path": "/tak-map", - "events": "connect", - "x": 220, - "y": 280, - "wires": [ - [ - "3f1c45fae45fc2ae" - ] - ] - }, - { - "type": "worldmap in", - "z": "db2b165142e8c36a", - "name": "event", - "path": "/tak-map", - "events": "other", - "x": 220, - "y": 440, - "wires": [ - [ - "9e3dcf9240c85d5a" - ] - ] - }, - { - "type": "debug", - "z": "db2b165142e8c36a", - "name": "No form!!", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 700, - "y": 580, - "wires": [] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "form", - "func": "msg.payload = { command: {\ncontextmenu: String.raw`\n\n\n\n\n\n\n\n\n\n\n
Attitude
Type
TimeoutS
Name
\n`\n}}\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 1010, - "y": 260, - "wires": [ - [ - "3a1205e793d055fa" - ] - ] - }, - { - "type": "config", - "z": "db2b165142e8c36a", - "name": "FTH Global Config", - "properties": [ - { - "p": "FTH_FTS_URL", - "pt": "global", - "to": "0.0.0.0", - "tot": "str" - }, - { - "p": "FTH_FTS_TCP_Port", - "pt": "global", - "to": "8087", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Port", - "pt": "global", - "to": "19023", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Auth", - "pt": "global", - "to": "token", - "tot": "str" - }, - { - "p": "FTH_FTS_STREAM_Port", - "pt": "global", - "to": "8554", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_URL", - "pt": "global", - "to": "0.0.0.0", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_API_PORT", - "pt": "global", - "to": "9997", - "tot": "str" - } - ], - "active": true, - "x": 190, - "y": 80, - "wires": [] - }, - { - "type": "http request", - "z": "db2b165142e8c36a", - "name": "Post COT to FTS", - "method": "POST", - "ret": "txt", - "paytoqs": "ignore", - "url": "{{ true_web_ipv4 }}:19023/ManageGeoObject/postGeoObject", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "senderr": false, - "x": 890, - "y": 480, - "wires": [ - [ - "e42b1fdd3dd68980" - ] - ] - }, - { - "type": "http request", - "z": "db2b165142e8c36a", - "name": "Post Video to FTS", - "method": "POST", - "ret": "txt", - "paytoqs": "ignore", - "url": "{{ true_web_ipv4 }}:19023/ManageVideoStream/postVideoStream", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "x": 1770, - "y": 520, - "wires": [ - [] - ] - }, - { - "type": "http request", - "z": "db2b165142e8c36a", - "name": "Post Video to FTS", - "method": "POST", - "ret": "txt", - "paytoqs": "ignore", - "url": "{{ true_web_ipv4 }}:19023/ManageVideoStream/postVideoStream", - "tls": "", - "persist": false, - "proxy": "", - "authType": "bearer", - "x": 1790, - "y": 480, - "wires": [ - [] - ] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "", - "func": "\n msg.addr = global.get('FTH_FTS_URL');\n msg.port = global.get('FTH_FTS_API_Port');\nlet lon = msg.payload.lon;\n let lat = msg.payload.lat;\n let attitude = msg.payload.value.attitude;\n let geoobject = msg.payload.value.geobject;\n let timeOut = msg.payload.name.timeout;\n let aName = msg.payload.value.name;\n let token = global.get('FTH_FTS_API_Auth');\n\n \nmsg.headers = {};\nmsg.headers['Authorization'] = \"Bearer \"+ token;\n \n\nmsg.payload = [];\n\n msg.payload={\n longitude: lon,\n latitude: lat,\nattitude: attitude,\ngeoObject: geoobject,\nhow: \"nonCoT\",\nname: aName,\ntimeout: timeOut \n };\n \nreturn msg;\n", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 700, - "y": 480, - "wires": [ - [ - "f9c1c3d2b0dcf4da" - ] - ] - }, - { - "type": "debug", - "z": "db2b165142e8c36a", - "name": "API Response", - "active": true, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 1120, - "y": 480, - "wires": [] - }, - { - "type": "switch", - "z": "db2b165142e8c36a", - "name": "check message", - "property": "payload.value.name", - "propertyType": "msg", - "rules": [ - { - "t": "nempty" - }, - { - "t": "empty" - } - ], - "checkall": "true", - "repair": false, - "outputs": 2, - "x": 480, - "y": 480, - "wires": [ - [ - "64334cba1273e06c" - ], - [ - "bf877041be384805" - ] - ] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Add the menu", - "info": "", - "x": 210, - "y": 240, - "wires": [] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "Get the result from the post", - "info": "", - "x": 250, - "y": 380, - "wires": [] - }, - { - "type": "comment", - "z": "db2b165142e8c36a", - "name": "CONFIG ME!!!!", - "info": "", - "x": 170, - "y": 40, - "wires": [] - }, - { - "type": "debug", - "z": "db2b165142e8c36a", - "name": "Strem output", - "active": false, - "tosidebar": true, - "console": false, - "tostatus": false, - "complete": "payload", - "targetType": "msg", - "statusVal": "", - "statusType": "auto", - "x": 770, - "y": 80, - "wires": [] - }, - { - "type": "function", - "z": "db2b165142e8c36a", - "name": "CoT to Map", - "func": "/*\nThe following block of code transforms a JSONified CoT Event into a Worldmap \nPoint Payload.\n*/\nlet ttl= 3600;\nlet deleted = false; //= 'undefined';\nlet invalid = 9999999;\nlet event = msg.payload[\"event\"];\n\n/* \nIf the CoT Event contains Detail Elements, extract the first one.\nIf there are no Detail Elements, break.\n*/\nlet _detail = event[\"detail\"];\nif (_detail === undefined) { return null; }\nlet detail = _detail[0];\n\n/*\nIf the CoT Event contains a Point element, use it. If not, break.\n*/\nlet point = event[\"point\"];\nif (point === undefined) { return null; }\n\n/* We'll use UID a couple of times, so lets set it as a variable here. */\nlet uid = event[\"$\"][\"uid\"];\n\n/* Extract the Event Type and Affiliation. */\nlet eventType = event[\"$\"][\"type\"];\nif (eventType === \"t-x-d-d\") { return; } // ignore pings\n\nlet et = eventType.split(\"-\");\nlet affil = et[1];\n\n/* There is no '.' notation in SDR, so mark Neutral. */\nif (affil.includes(\".\")) { affil = \"n\"; } \n\n/* Ram the CoT Event Type portions into a SIDR Type */\nlet SIDC = `s${affil}${et[2]}p${et[3] || \"-\" }${et[4] || \"-\" }${et[5] || \"-\" }--------`;\n\n/* Now handle all the weird extra CoT ones... */\nif ((/a-.-X-i-o/).test(eventType)) { SIDC = `E${affil}IP--------` }\nelse if ((/a-.-X-i-g-a/).test(eventType)) { SIDC = `EFNPAB------` }\nelse if ((/a-.-X-i-g-e/).test(eventType)) { SIDC = `EFNPAC------` }\nelse if ((/a-.-X-i-g-l/).test(eventType)) { SIDC = `EFNPAD------` }\nelse if ((/a-.-X-i-g-s/).test(eventType)) { SIDC = `EFNPAE------` }\nelse if ((/a-.-X-i-g-v-e/).test(eventType)) { SIDC = `WFSPWSVE----` }\nelse if ((/a-.-X-i-g-v/).test(eventType)) { SIDC = `EFNPAG------` }\nelse if ((/a-.-X-i-g/).test(eventType)) { SIDC = `E${affil}NPA-------` }\nelse if ((/a-.-X-i-m-c/).test(eventType)) { SIDC = `WFSPWSTSS---` }\nelse if ((/a-.-X-i-m-d/).test(eventType)) { SIDC = `EFNPBB------` }\nelse if ((/a-.-X-i-m-n/).test(eventType)) { SIDC = `EFNPBM------` }\nelse if ((/a-.-X-i-f/).test(eventType)) { SIDC = `E${affil}IPC-------` }\nelse if ((/a-.-X-i-h/).test(eventType)) { SIDC = `E${affil}OPA-------` }\nelse if ((/a-.-X-i-t-v-a/).test(eventType)) { SIDC = `E${affil}IPHA------` }\n\nelse if ((/a-.-G-I-X-H/).test(eventType)) { SIDC = `S${affil}GPIXH---H-` }\nelse if ((/a-.-G-I-i-l/).test(eventType)) { SIDC = `E${affil}OPDJC-----` }\nelse if ((/a-.-G-I-R-P/).test(eventType)) { SIDC = `S${affil}GPIRP---H-` }\nelse if ((/a-.-G-I-U-E/).test(eventType)) { SIDC = `S${affil}GPIUE---H-` }\nelse if ((/a-.-G-I-U-T/).test(eventType)) { SIDC = `S${affil}GPIUT---H-` }\nelse if ((/a-.-G-I-i-e/).test(eventType)) { SIDC = `E${affil}OPBC------` }\n\nelse if ((/a-.-G-U-C-V-R-E/).test(eventType)) { SIDC = `S${affil}APMFO-----` }\nelse if ((/a-.-A-M-F-Q-H/).test(eventType)) { SIDC = `S${affil}APMFH-----` }\n\nelse if ((/a-.-G-I-U-T/).test(eventType)) { SIDC = `S${affil}GPIUT---H-` }\nelse if ((/b-r-.-O-I-V/).test(eventType)) { SIDC = `S${affil}EFIPAC------` }\n// emrgency open send symbol and reduce ttl\nelse if ((/b-a-o-opn/).test(eventType)) \n//{ SIDC = `S${affil}SFGDU-------` ;\n{ SIDC = `S${affil}EFIPBF------` ;\nttl = 360; \n}\n//emergency is closed\nelse if ((/b-a-o-can/).test(eventType)) { deleted = true }\n\n\nconsole.log(eventType,\"--->\",SIDC);\nSIDC = SIDC.substr(0, 12).toUpperCase();\n\n/* \nPoints on the Worldmap can only have one uniquite identifier, which is also\nthat Points display name. If possible, use a Callsign, otherwise use UID.\n*/\nlet callsign;\nlet _contact = detail[\"contact\"];\nif (_contact === undefined) {\n callsign = uid;\n} else {\n callsign = _contact[0][\"$\"][\"callsign\"]; \n}\n\n/* Mouse-over Label */\nlet label = `Callsign: ${callsign} UID: ${uid}
Type: ${eventType} SIDC: ${SIDC}`\n\nlet remarks = detail[\"remarks\"];\nif (remarks) {\n let remark = remarks[0][\"$\"];\n label = `${label}
${remark}`;\n}\n\nlet track = detail[\"track\"]\nlet bearing = null;\nlet speed = null;\n\nif (track) {\n let course = +track[0][\"$\"][\"course\"];\n if (course) {\n if (course !== invalid) {\n bearing = course;\n }\n }\n\n let _speed = +track[0][\"$\"][\"speed\"];\n if (_speed) {\n if (_speed !== invalid) {\n speed = _speed;\n }\n }\n}\n\n/* \nIf CoT Point CE is set and is not invalid, use that as Worldmap Point Accuracy. \n*/\nlet accuracy = null;\nlet ce = +event[\"point\"][0][\"$\"][\"ce\"];\nif (ce != invalid) { accuracy = ce; }\n\n/* Add a helpful weblink to Worldmap Points. */\nlet weblink = null;\nif (uid.includes(\"ICAO\")) {\n weblink = `https://globe.adsbexchange.com/?icao=${uid.replace(\"ICAO-\", \"\")}`;\n} else if (uid.includes(\"APRS\")) {\n weblink = `https://qrz.com/db/${uid.replace(\"APRS.\", \"\").split(\"-\")[0]}`;\n}\nelse{\n weblink = 'https://spatialillusions.com/unitgenerator/';\n}\n\nlet lat = +event[\"point\"][0][\"$\"][\"lat\"];\nlet lon = +event[\"point\"][0][\"$\"][\"lon\"];\nlet alt = +event[\"point\"][0][\"$\"][\"hae\"];\nif (alt == invalid) { alt = undefined; }\n\nif (lat == 0 && lon == 0 && !alt) {\n console.log(callsign,\"is at null island.\",eventType)\n lat = Math.round(1000000 * lat + Math.random() * 10000) / 1000000;\n lon = Math.round(1000000 * lon + Math.random() * 10000) / 1000000;\n}\n\n/* Serialize as a Worldmap compatible Payload. */\nmsg.payload = {\n name: callsign,\n tooltip: label,\ndeleted: deleted,\n lat: lat,\n lon: lon,\n alt: alt,\n speed: speed,\n bearing: bearing,\n accuracy: accuracy,\n type: eventType,\n SIDC: SIDC,\n ttl: ttl,\n weblink: weblink,\n layer: eventType,\n options: { scale:0.8 }\n}\n\nreturn msg;", - "outputs": 1, - "noerr": 0, - "initialize": "", - "finalize": "", - "libs": [], - "x": 1010, - "y": 160, - "wires": [ - [ - "3a1205e793d055fa", - "885b808dd8a4895d" - ] - ] - } - ] -} diff --git a/scripts/easy_install.backup.sh b/scripts/easy_install.backup.sh index e179132..3d9d977 100644 --- a/scripts/easy_install.backup.sh +++ b/scripts/easy_install.backup.sh @@ -731,7 +731,7 @@ webmap_shell_install() { print_info "configuring webmap" # configure ip in webMAP_config.json - local search="\"FTH_FTS_URL\": \"204.48.30.216\"," + local search="\"FTH_FTS_URL\": \"0.0.0.0\"," local replace="\"FTH_FTS_URL\": \"$my_ipv4\"," replace "/tmp/$webmap_config" "$search" "$replace" chgrp "$group_name" "/tmp/$webmap_config" From 0de79d71234e9e83c9c1cf8f09335020fe9a6804 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Fri, 11 Oct 2024 15:53:19 +0000 Subject: [PATCH 69/80] removed personal paths --- ansible.cfg | 48 ++++++++++++------------ roles/nodered/defaults/main.yml | 9 +---- roles/nodered/tasks/configure-Ubuntu.yml | 2 - 3 files changed, 25 insertions(+), 34 deletions(-) diff --git a/ansible.cfg b/ansible.cfg index 17c9350..1e92ced 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -32,7 +32,7 @@ any_errors_fatal=False become_password_file= # (pathspec) Colon-separated paths in which Ansible will search for Become Plugins. -become_plugins=/var/home/phreed/.ansible/plugins/become:/usr/share/ansible/plugins/become +become_plugins=/usr/share/ansible/plugins/become # (string) Chooses which cache plugin to use, the default 'memory' is ephemeral. fact_caching=memory @@ -54,7 +54,7 @@ collections_on_ansible_version_mismatch=warning # (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``. -collections_path=/var/home/phreed/.ansible/collections:/usr/share/ansible/collections +collections_path=/usr/share/ansible/collections # (boolean) A boolean to enable or disable scanning the sys.path for installed collections. collections_scan_sys_path=True @@ -63,7 +63,7 @@ collections_scan_sys_path=True connection_password_file= # (pathspec) Colon-separated paths in which Ansible will search for Action Plugins. -action_plugins=/var/home/phreed/.ansible/plugins/action:/usr/share/ansible/plugins/action +action_plugins=/usr/share/ansible/plugins/action # (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. # By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late. @@ -76,16 +76,16 @@ ask_pass=False ask_vault_pass=False # (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins. -cache_plugins=/var/home/phreed/.ansible/plugins/cache:/usr/share/ansible/plugins/cache +cache_plugins=/usr/share/ansible/plugins/cache # (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins. -callback_plugins=/var/home/phreed/.ansible/plugins/callback:/usr/share/ansible/plugins/callback +callback_plugins=/usr/share/ansible/plugins/callback # (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins. -cliconf_plugins=/var/home/phreed/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf +cliconf_plugins=/usr/share/ansible/plugins/cliconf # (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins. -connection_plugins=/var/home/phreed/.ansible/plugins/connection:/usr/share/ansible/plugins/connection +connection_plugins=/usr/share/ansible/plugins/connection # (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production. debug=False @@ -100,7 +100,7 @@ executable=/bin/sh fact_path= # (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins. -filter_plugins=/var/home/phreed/.ansible/plugins/filter:/usr/share/ansible/plugins/filter +filter_plugins=/usr/share/ansible/plugins/filter # (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host. # When false, the handlers will not run if a failure has occurred on a host. @@ -137,14 +137,14 @@ hash_behaviour=replace inventory=/etc/ansible/hosts # (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins. -httpapi_plugins=/var/home/phreed/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi +httpapi_plugins=/usr/share/ansible/plugins/httpapi # (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern. # The default corresponds to the value hardcoded in Ansible <= 2.1 internal_poll_interval=0.001 # (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins. -inventory_plugins=/var/home/phreed/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory +inventory_plugins=/usr/share/ansible/plugins/inventory # (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions. # See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) @@ -161,7 +161,7 @@ keep_remote_files=False bin_ansible_callbacks=False # (tmppath) Temporary directory for Ansible to use on the controller. -local_tmp=/var/home/phreed/.ansible/tmp +local_tmp= # (list) List of logger names to filter out of the log file. log_filter= @@ -170,7 +170,7 @@ log_filter= log_path= # (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins. -lookup_plugins=/var/home/phreed/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup +lookup_plugins=/usr/share/ansible/plugins/lookup # (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules. ansible_managed=Ansible managed @@ -185,13 +185,13 @@ module_compression=ZIP_DEFLATED module_name=command # (pathspec) Colon-separated paths in which Ansible will search for Modules. -library=/var/home/phreed/.ansible/plugins/modules:/usr/share/ansible/plugins/modules +library=/usr/share/ansible/plugins/modules # (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules. -module_utils=/var/home/phreed/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils +module_utils=/usr/share/ansible/plugins/module_utils # (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins. -netconf_plugins=/var/home/phreed/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf +netconf_plugins=/usr/share/ansible/plugins/netconf # (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. no_log=False @@ -222,7 +222,7 @@ remote_port= remote_user= # (pathspec) Colon-separated paths in which Ansible will search for Roles. -roles_path=/var/home/phreed/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles +roles_path=/usr/share/ansible/roles:/etc/ansible/roles # (string) Set the main callback used to display Ansible output. You can only have one at a time. # You can have many other callbacks, but just one can be in charge of stdout. @@ -233,7 +233,7 @@ stdout_callback=default strategy=linear # (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins. -strategy_plugins=/var/home/phreed/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy +strategy_plugins=/usr/share/ansible/plugins/strategy # (boolean) Toggle the use of "su" for tasks. su=False @@ -242,10 +242,10 @@ su=False syslog_facility=LOG_USER # (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins. -terminal_plugins=/var/home/phreed/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal +terminal_plugins=/usr/share/ansible/plugins/terminal # (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins. -test_plugins=/var/home/phreed/.ansible/plugins/test:/usr/share/ansible/plugins/test +test_plugins=/usr/share/ansible/plugins/test # (integer) This is the default timeout for connection plugins to use. timeout=10 @@ -259,7 +259,7 @@ transport=ssh error_on_undefined_vars=True # (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins. -vars_plugins=/var/home/phreed/.ansible/plugins/vars:/usr/share/ansible/plugins/vars +vars_plugins=/usr/share/ansible/plugins/vars # (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value. vault_encrypt_identity= @@ -298,7 +298,7 @@ display_skipped_hosts=True docsite_root_url=https://docs.ansible.com/ansible-core/ # (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins. -doc_fragment_plugins=/var/home/phreed/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments +doc_fragment_plugins=/usr/share/ansible/plugins/doc_fragments # (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML. # These warnings can be silenced by adjusting this setting to False. @@ -475,7 +475,7 @@ connect_retry_timeout=15 connect_timeout=30 # (path) Path to the socket to be used by the connection persistence system. -control_path_dir=/var/home/phreed/.ansible/pc +control_path_dir= [connection] @@ -552,7 +552,7 @@ context=3 # (path) The directory that stores cached responses from a Galaxy server. # This is only used by the ``ansible-galaxy collection install`` and ``download`` commands. # Cache files inside this dir will be ignored if they are world writable. -cache_dir=/var/home/phreed/.ansible/galaxy_cache +cache_dir= # (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`. collections_path_warning=True @@ -606,7 +606,7 @@ server_list= server_timeout=60 # (path) Local path to galaxy access token file -token_path=/var/home/phreed/.ansible/galaxy_token +token_path= [inventory] diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 72e7f51..2f894b9 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -36,19 +36,12 @@ nodered_nodes: - node-red-dashboard - node-red-contrib-credentials +# Moved to their own repository : these are backups nodered_flows: - - salute.json - videochecker.json - - webmap-v5.json nodered_post_flows_body: "{{ lookup('template', 'flows.json.j2') }}" -nodered_post_flow_salute: "{{ lookup('template', 'salute.json.j2') }}" - -nodered_post_flow_videochecker: "{{ lookup('template', 'videochecker.json.j2') }}" - -# nodered_post_flow_webmap: "{{ lookup('template', 'webmap-v5.json.j2') }}" - nodered_service_name: nodered # Set initial service state. Recommended values: `started` or `stopped`. diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index 944c612..23b0fa3 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -129,7 +129,6 @@ Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_Forms_SALUTE/freetakhub_salute.json') }}" -# body: "{{ nodered_post_flow_salute }}" body_format: json status_code: 200 @@ -143,7 +142,6 @@ Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} body: "{{ lookup('file', playbook_dir + '/FreeTAKHub-Webmap/freetakhub_webmap_v5.json') }}" -# body: "{{ nodered_post_flow_webmap }}" body_format: json status_code: 200 From 9243d513ba4e50900f37040cd91bb551d994aaf8 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 13:33:08 -0500 Subject: [PATCH 70/80] update flow sources, include global-config flow (environment variables) --- roles/nodered/defaults/main.yml | 2 + roles/nodered/tasks/configure-Ubuntu.yml | 20 ++------ roles/nodered/templates/flows.json.j2 | 54 -------------------- roles/nodered/templates/videochecker.json.j2 | 53 ------------------- 4 files changed, 5 insertions(+), 124 deletions(-) diff --git a/roles/nodered/defaults/main.yml b/roles/nodered/defaults/main.yml index 2f894b9..35248e3 100644 --- a/roles/nodered/defaults/main.yml +++ b/roles/nodered/defaults/main.yml @@ -40,6 +40,8 @@ nodered_nodes: nodered_flows: - videochecker.json +nodered_global_config_flow: "{{ lookup('template', 'global-config.json.j2') }}" + nodered_post_flows_body: "{{ lookup('template', 'flows.json.j2') }}" nodered_service_name: nodered diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index 23b0fa3..346422b 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -79,21 +79,7 @@ wait_for: port: "{{ noderedserver_port }}" -# - name: Import Node-RED flows via HTTP POST -# uri: -# url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flows" -# method: POST -# headers: -# Content-Type: application/json -# Node-RED-API-Version: v1 -# Node-RED-Deployment-Type: full -# Authorization: Bearer {{ nodered_admin_token }} -# body: "{{ nodered_post_flows_body }}" -# body_format: json -# status_code: 204 - - - - name: Import Node-RED FTH Config flow via HTTP POST + - name: Import Node-RED FTH Config via HTTP POST uri: url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" method: POST @@ -102,7 +88,7 @@ Node-RED-API-Version: v1 Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} - body: "{{ lookup('file', playbook_dir + '/FreeTAKHub-Webmap/freetakhub_config.json') }}" + body: nodered_global_config_flow body_format: json status_code: 200 @@ -115,7 +101,7 @@ Node-RED-API-Version: v1 Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} - body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker.json') }}" + body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker_n3.json') }}" body_format: json status_code: 200 diff --git a/roles/nodered/templates/flows.json.j2 b/roles/nodered/templates/flows.json.j2 index a322139..7cb565d 100644 --- a/roles/nodered/templates/flows.json.j2 +++ b/roles/nodered/templates/flows.json.j2 @@ -421,60 +421,6 @@ "y": 280, "wires": [] }, - { - "id": "17650e362d95de70", - "type": "config", - "z": "9c3be5f3.90e288", - "name": "FTH Global Config", - "properties": [ - { - "p": "FTH_FTS_URL", - "pt": "global", - "to": "0.0.0.0", - "tot": "str" - }, - { - "p": "FTH_FTS_TCP_Port", - "pt": "global", - "to": "8087", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Port", - "pt": "global", - "to": "19023", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Auth", - "pt": "global", - "to": "token", - "tot": "str" - }, - { - "p": "FTH_FTS_STREAM_Port", - "pt": "global", - "to": "8554", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_URL", - "pt": "global", - "to": "{{ true_web_ipv4 }}", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_API_PORT", - "pt": "global", - "to": "9997", - "tot": "str" - } - ], - "active": true, - "x": 190, - "y": 80, - "wires": [] - }, { "id": "0565f229206163d0", "type": "comment", diff --git a/roles/nodered/templates/videochecker.json.j2 b/roles/nodered/templates/videochecker.json.j2 index 40364f4..0d0103c 100644 --- a/roles/nodered/templates/videochecker.json.j2 +++ b/roles/nodered/templates/videochecker.json.j2 @@ -345,59 +345,6 @@ ] ] }, - { - "type": "config", - "z": "e81402f5.f8254", - "name": "FTH Global Config", - "properties": [ - { - "p": "FTH_FTS_URL", - "pt": "global", - "to": "0.0.0.0", - "tot": "str" - }, - { - "p": "FTH_FTS_TCP_Port", - "pt": "global", - "to": "8087", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Port", - "pt": "global", - "to": "19023", - "tot": "str" - }, - { - "p": "FTH_FTS_API_Auth", - "pt": "global", - "to": "token", - "tot": "str" - }, - { - "p": "FTH_FTS_STREAM_Port", - "pt": "global", - "to": "8554", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_URL", - "pt": "global", - "to": "0.0.0.0", - "tot": "str" - }, - { - "p": "FTH_FTS_VIDEO_API_PORT", - "pt": "global", - "to": "9997", - "tot": "str" - } - ], - "active": true, - "x": 150, - "y": 160, - "wires": [] - }, { "type": "debug", "z": "e81402f5.f8254", From bedeeb8a1564dcd1aeb3f323c12e99924b2bcb5a Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 15:41:42 -0500 Subject: [PATCH 71/80] update the documentation with environment variables --- docs/ubuntu-test-rasppi.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/docs/ubuntu-test-rasppi.md b/docs/ubuntu-test-rasppi.md index e0ffdbb..bbf06c5 100644 --- a/docs/ubuntu-test-rasppi.md +++ b/docs/ubuntu-test-rasppi.md @@ -29,12 +29,20 @@ to get the `easy_install.sh` from the same repository and branch as the ZTI. The official GitHub is `FreeTAKTeam`, if you are working in a fork you will need to use that. + ```bash export MY_IPA=$(ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}') export MY_GITHUB=babeloff export MY_BRANCH=issue_120 echo "github: ${MY_GITHUB}, branch: ${MY_BRANCH}, addr: ${MY_IPA}" -```` +``` + +The environment variables default values: +```bash +export MY_IPA=127.0.0.1 +export MY_GITHUB=FreeTAKTeam +export MY_BRANCH=main +``` ```bash wget -qO - https://raw.githubusercontent.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation/${MY_BRANCH:-main}/scripts/easy_install.sh | \ @@ -42,7 +50,7 @@ wget -qO - https://raw.githubusercontent.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHu --verbose \ --repo https://github.com/${MY_GITHUB:-FreeTAKTeam}/FreeTAKHub-Installation.git \ --branch ${MY_BRANCH:-main} \ - --ip-addr ${MY_IPA} + --ip-addr ${MY_IPA:-127.0.0.1} ``` From 92b527cb62d8e8a775bec620d0e650ff03ac8475 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:05:18 -0500 Subject: [PATCH 72/80] log_verbosity needs a default value, given 0 --- ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible.cfg b/ansible.cfg index 1e92ced..e5dfdf7 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -336,7 +336,7 @@ invalid_task_attribute_failed=True localhost_warning=True # (int) This will set log verbosity if higher than the normal display verbosity, otherwise it will match that. -log_verbosity= +log_verbosity=0 # (int) Maximum size of files to be considered for diff display. max_diff_size=104448 From 271d98238e5623671321dcdcefb8def75748a238 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:09:51 -0500 Subject: [PATCH 73/80] ansible gather_timeout needs a default value, given 10 (seconds) --- ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible.cfg b/ansible.cfg index e5dfdf7..b21e35c 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -120,7 +120,7 @@ gather_subset= # (integer) Set the timeout in seconds for the implicit fact gathering, see the module documentation for specifics. # It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` tasks. -gather_timeout= +gather_timeout=10 # (string) This setting controls how duplicate definitions of dictionary variables (aka hash, map, associative array) are handled in Ansible. # This does not affect variables whose values are scalars (integers, strings) or arrays. From 28e7dec769440748292a0dd5bec009d6a400dc48 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:18:47 -0500 Subject: [PATCH 74/80] provide default remote_port, given as 22 --- ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible.cfg b/ansible.cfg index b21e35c..a0d6457 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -215,7 +215,7 @@ private_key_file= private_role_vars=False # (integer) Port to use in remote connections, when blank it will use the connection plugin default. -remote_port= +remote_port=22 # (string) Sets the login user for the target machines # When blank it uses the connection plugin's default, normally the user currently executing Ansible. From c6d6648a071b0e84f510bdc35aedb19dad2e7870 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:27:55 -0500 Subject: [PATCH 75/80] suppress ignore_signature_status_codes --- ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible.cfg b/ansible.cfg index a0d6457..0058015 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -579,7 +579,7 @@ ignore_certs= # (list) A list of GPG status codes to ignore during GPG signature verification. See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. # If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, signature verification will fail even if all error codes are ignored. -ignore_signature_status_codes= +# ignore_signature_status_codes= # (str) The number of signatures that must be successful during GPG signature verification while installing or verifying collections. # This should be a positive integer or all to indicate all signatures must successfully validate the collection. From 5268557d94a0ff334349032a94869921a1cdc1bc Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:36:17 -0500 Subject: [PATCH 76/80] park ansible.cfg until later --- ansible.cfg.candidate | 698 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 698 insertions(+) create mode 100644 ansible.cfg.candidate diff --git a/ansible.cfg.candidate b/ansible.cfg.candidate new file mode 100644 index 0000000..7d3bd0b --- /dev/null +++ b/ansible.cfg.candidate @@ -0,0 +1,698 @@ +[defaults] +# (boolean) By default, Ansible will issue a warning when received from a task action (module or action plugin). +# These warnings can be silenced by adjusting this setting to False. +action_warnings=True + +# (list) Accept a list of cowsay templates that are 'safe' to use, set to an empty list if you want to enable all installed templates. +cowsay_enabled_stencils=bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake, elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren, sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux, udder, vader-koala, vader, www + +# (string) Specify a custom cowsay path or swap in your cowsay implementation of choice. +cowpath= + +# (string) This allows you to choose a specific cowsay stencil for the banners or use 'random' to cycle through them. +cow_selection=default + +# (boolean) This option forces color mode even when running without a TTY or the "nocolor" setting is True. +force_color=False + +# (path) The default root path for Ansible config files on the controller. +home=~/.ansible + +# (boolean) This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. +nocolor=False + +# (boolean) If you have cowsay installed but want to avoid the 'cows' (why????), use this. +nocows=False + +# (boolean) Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. +any_errors_fatal=False + +# (path) The password file to use for the become plugin. ``--become-password-file``. +# If executable, it will be run and the resulting stdout will be used as the password. +become_password_file= + +# (pathspec) Colon-separated paths in which Ansible will search for Become Plugins. +become_plugins=/usr/share/ansible/plugins/become + +# (string) Chooses which cache plugin to use, the default 'memory' is ephemeral. +fact_caching=memory + +# (string) Defines connection or path information for the cache plugin. +fact_caching_connection= + +# (string) Prefix to use for cache plugin files/tables. +fact_caching_prefix=ansible_facts + +# (integer) Expiration timeout for the cache plugin data. +fact_caching_timeout=86400 + +# (list) List of enabled callbacks, not all callbacks need enabling, but many of those shipped with Ansible do as we don't want them activated by default. +callbacks_enabled= + +# (string) When a collection is loaded that does not support the running Ansible version (with the collection metadata key `requires_ansible`). +collections_on_ansible_version_mismatch=warning + +# (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``. + +collections_path=/usr/share/ansible/collections + +# (boolean) A boolean to enable or disable scanning the sys.path for installed collections. +collections_scan_sys_path=True + +# (path) The password file to use for the connection plugin. ``--connection-password-file``. +connection_password_file= + +# (pathspec) Colon-separated paths in which Ansible will search for Action Plugins. +action_plugins=/usr/share/ansible/plugins/action + +# (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. +# By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late. +allow_unsafe_lookups=False + +# (boolean) This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not need to change this setting. +ask_pass=False + +# (boolean) This controls whether an Ansible playbook should prompt for a vault password. +ask_vault_pass=False + +# (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins. +cache_plugins=/usr/share/ansible/plugins/cache + +# (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins. +callback_plugins=/usr/share/ansible/plugins/callback + +# (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins. +cliconf_plugins=/usr/share/ansible/plugins/cliconf + +# (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins. +connection_plugins=/usr/share/ansible/plugins/connection + +# (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production. +debug=False + +# (string) This indicates the command to use to spawn a shell under, which is required for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases, it may be left as is. +executable=/bin/sh + +# (string) This option allows you to globally configure a custom path for 'local_facts' for the implied :ref:`ansible_collections.ansible.builtin.setup_module` task when using fact gathering. +# If not set, it will fall back to the default from the ``ansible.builtin.setup`` module: ``/etc/ansible/facts.d``. +# This does **not** affect user defined tasks that use the ``ansible.builtin.setup`` module. +# The real action being created by the implicit task is currently ``ansible.legacy.gather_facts`` module, which then calls the configured fact modules, by default this will be ``ansible.builtin.setup`` for POSIX systems but other platforms might have different defaults. +fact_path= + +# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins. +filter_plugins=/usr/share/ansible/plugins/filter + +# (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host. +# When false, the handlers will not run if a failure has occurred on a host. +# This can also be set per play or on the command line. See Handlers and Failure for more details. +force_handlers=False + +# (integer) Maximum number of forks Ansible will use to execute tasks on target hosts. +forks=5 + +# (string) This setting controls the default policy of fact gathering (facts discovered about remote systems). +# This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. +gathering=implicit + +# (list) Set the `gather_subset` option for the :ref:`ansible_collections.ansible.builtin.setup_module` task in the implicit fact gathering. See the module documentation for specifics. +# It does **not** apply to user defined ``ansible.builtin.setup`` tasks. +gather_subset= + +# (integer) Set the timeout in seconds for the implicit fact gathering, see the module documentation for specifics. +# It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` tasks. +gather_timeout=10 + +# (string) This setting controls how duplicate definitions of dictionary variables (aka hash, map, associative array) are handled in Ansible. +# This does not affect variables whose values are scalars (integers, strings) or arrays. +# **WARNING**, changing this setting is not recommended as this is fragile and makes your content (plays, roles, collections) nonportable, leading to continual confusion and misuse. Don't change this setting unless you think you have an absolute need for it. +# We recommend avoiding reusing variable names and relying on the ``combine`` filter and ``vars`` and ``varnames`` lookups to create merged versions of the individual variables. In our experience, this is rarely needed and is a sign that too much complexity has been introduced into the data structures and plays. +# For some uses you can also look into custom vars_plugins to merge on input, even substituting the default ``host_group_vars`` that is in charge of parsing the ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are only interested in inventory scope, but the setting itself affects all sources and makes debugging even harder. +# All playbooks and roles in the official examples repos assume the default for this setting. +# Changing the setting to ``merge`` applies across variable sources, but many sources will internally still overwrite the variables. For example ``include_vars`` will dedupe variables internally before updating Ansible, with 'last defined' overwriting previous definitions in same file. +# The Ansible project recommends you **avoid ``merge`` for new projects.** +# It is the intention of the Ansible developers to eventually deprecate and remove this setting, but it is being kept as some users do heavily rely on it. New projects should **avoid 'merge'**. +hash_behaviour=replace + +# (pathlist) Comma-separated list of Ansible inventory sources +inventory=/etc/ansible/hosts + +# (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins. +httpapi_plugins=/usr/share/ansible/plugins/httpapi + +# (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern. +# The default corresponds to the value hardcoded in Ansible <= 2.1 +internal_poll_interval=0.001 + +# (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins. +inventory_plugins=/usr/share/ansible/plugins/inventory + +# (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions. +# See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) +jinja2_extensions=[] + +# (boolean) This option preserves variable types during template operations. +jinja2_native=False + +# (boolean) Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. +# If this option is enabled it will disable ``ANSIBLE_PIPELINING``. +keep_remote_files=False + +# (boolean) Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. +bin_ansible_callbacks=False + +# (tmppath) Temporary directory for Ansible to use on the controller. +local_tmp= + +# (list) List of logger names to filter out of the log file. +log_filter= + +# (path) File to which Ansible will log on the controller. When empty logging is disabled. +log_path= + +# (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins. +lookup_plugins=/usr/share/ansible/plugins/lookup + +# (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules. +ansible_managed=Ansible managed + +# (string) This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. +module_args= + +# (string) Compression scheme to use when transferring Python modules to the target. +module_compression=ZIP_DEFLATED + +# (string) Module to use with the ``ansible`` AdHoc command, if none is specified via ``-m``. +module_name=command + +# (pathspec) Colon-separated paths in which Ansible will search for Modules. +library=/usr/share/ansible/plugins/modules + +# (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules. +module_utils=/usr/share/ansible/plugins/module_utils + +# (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins. +netconf_plugins=/usr/share/ansible/plugins/netconf + +# (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. +no_log=False + +# (boolean) Toggle Ansible logging to syslog on the target when it executes tasks. On Windows hosts, this will disable a newer style PowerShell modules from writing to the event log. +no_target_syslog=False + +# (raw) What templating should return as a 'null' value. When not set it will let Jinja2 decide. +null_representation= + +# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. +poll_interval=15 + +# (path) Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying ``--private-key`` with every invocation. +private_key_file= + +# (boolean) By default, imported roles publish their variables to the play and other roles, this setting can avoid that. +# This was introduced as a way to reset role variables to default values if a role is used more than once in a playbook. +# Starting in version '2.17' M(ansible.builtin.include_roles) and M(ansible.builtin.import_roles) can individually override this via the C(public) parameter. +# Included roles only make their variables public at execution, unlike imported roles which happen at playbook compile time. +private_role_vars=False + +# (integer) Port to use in remote connections, when blank it will use the connection plugin default. +remote_port=22 + +# (string) Sets the login user for the target machines +# When blank it uses the connection plugin's default, normally the user currently executing Ansible. +remote_user= + +# (pathspec) Colon-separated paths in which Ansible will search for Roles. +roles_path=/usr/share/ansible/roles:/etc/ansible/roles + +# (string) Set the main callback used to display Ansible output. You can only have one at a time. +# You can have many other callbacks, but just one can be in charge of stdout. +# See :ref:`callback_plugins` for a list of available options. +stdout_callback=default + +# (string) Set the default strategy used for plays. +strategy=linear + +# (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins. +strategy_plugins=/usr/share/ansible/plugins/strategy + +# (boolean) Toggle the use of "su" for tasks. +su=False + +# (string) Syslog facility to use when Ansible logs to the remote target. +syslog_facility=LOG_USER + +# (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins. +terminal_plugins=/usr/share/ansible/plugins/terminal + +# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins. +test_plugins=/usr/share/ansible/plugins/test + +# (integer) This is the default timeout for connection plugins to use. +timeout=10 + +# (string) Can be any connection plugin available to your ansible installation. +# There is also a (DEPRECATED) special 'smart' option, that will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions. +transport=ssh + +# (boolean) When True, this causes ansible templating to fail steps that reference variable names that are likely typoed. +# Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. +error_on_undefined_vars=True + +# (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins. +vars_plugins=/usr/share/ansible/plugins/vars + +# (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value. +vault_encrypt_identity= + +# (string) The label to use for the default vault id label in cases where a vault id label is not provided. +vault_identity=default + +# (list) A list of vault-ids to use by default. Equivalent to multiple ``--vault-id`` args. Vault-ids are tried in order. +vault_identity_list= + +# (string) If true, decrypting vaults with a vault id will only try the password from the matching vault-id. +vault_id_match=False + +# (path) The vault password file to use. Equivalent to ``--vault-password-file`` or ``--vault-id``. +# If executable, it will be run and the resulting stdout will be used as the password. +vault_password_file= + +# (integer) Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. +verbosity=0 + +# (boolean) Toggle to control the showing of deprecation warnings +deprecation_warnings=True + +# (boolean) Toggle to control showing warnings related to running devel. +devel_warning=True + +# (boolean) Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header. +# This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed. +# If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks that have sensitive values :ref:`keep_secret_data` for more information. +display_args_to_stdout=False + +# (boolean) Toggle to control displaying skipped task/host entries in a task in the default callback. +display_skipped_hosts=True + +# (string) Root docsite URL used to generate docs URLs in warning/error text; must be an absolute URL with a valid scheme and trailing slash. +docsite_root_url=https://docs.ansible.com/ansible-core/ + +# (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins. +doc_fragment_plugins=/usr/share/ansible/plugins/doc_fragments + +# (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML. +# These warnings can be silenced by adjusting this setting to False. +duplicate_dict_key=warn + +# (boolean) Whether or not to enable the task debugger, this previously was done as a strategy plugin. +# Now all strategy plugins can inherit this behavior. The debugger defaults to activating when +# a task is failed on unreachable. Use the debugger keyword for more flexibility. +enable_task_debugger=False + +# (boolean) Toggle to allow missing handlers to become a warning instead of an error when notifying. +error_on_missing_handler=True + +# (list) Which modules to run during a play's fact gathering stage, using the default of 'smart' will try to figure it out based on connection type. +# If adding your own modules but you still want to use the default Ansible facts, you will want to include 'setup' or corresponding network module to the list (if you add 'smart', Ansible will also figure it out). +# This does not affect explicit calls to the 'setup' module, but does always affect the 'gather_facts' action (implicit or explicit). +facts_modules=smart + +# (boolean) Set this to "False" if you want to avoid host key checking by the underlying connection plugin Ansible uses to connect to the host. +# Please read the documentation of the specific connection plugin used for details. +host_key_checking=True + +# (boolean) Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace. +# Unlike inside the `ansible_facts` dictionary where the prefix `ansible_` is removed from fact names, these will have the exact names that are returned by the module. +inject_facts_as_vars=True + +# (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backward-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present. +interpreter_python=auto + +# (boolean) If 'false', invalid attributes for a task will result in warnings instead of errors. +invalid_task_attribute_failed=True + +# (boolean) By default, Ansible will issue a warning when there are no hosts in the inventory. +# These warnings can be silenced by adjusting this setting to False. +localhost_warning=True + +# (int) This will set log verbosity if higher than the normal display verbosity, otherwise it will match that. +log_verbosity=0 + +# (int) Maximum size of files to be considered for diff display. +max_diff_size=104448 + +# (list) List of extensions to ignore when looking for modules to load. +# This is for rejecting script and binary module fallback extensions. +module_ignore_exts=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .yaml, .yml, .ini + +# (bool) Enables whether module responses are evaluated for containing non-UTF-8 data. +# Disabling this may result in unexpected behavior. +# Only ansible-core should evaluate this configuration. +module_strict_utf8_response=True + +# (list) TODO: write it +network_group_modules=eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10, dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf, exos, voss, slxos + +# (boolean) Previously Ansible would only clear some of the plugin loading caches when loading new roles, this led to some behaviors in which a plugin loaded in previous plays would be unexpectedly 'sticky'. This setting allows the user to return to that behavior. +old_plugin_cache_clear=False + +# (path) A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the default value for it. +playbook_dir= + +# (string) This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_vars. +playbook_vars_root=top + +# (path) A path to configuration for filtering which plugins installed on the system are allowed to be used. +# See :ref:`plugin_filtering_config` for details of the filter file's format. +# The default is /etc/ansible/plugin_filters.yml +plugin_filters_cfg= + +# (string) Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284). The value will be limited by the existing hard limit. Default value of 0 does not attempt to adjust existing system-defined limits. +python_module_rlimit_nofile=0 + +# (bool) This controls whether a failed Ansible playbook should create a .retry file. +retry_files_enabled=False + +# (path) This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. +# This file will be overwritten after each run with the list of failed hosts from all plays. +retry_files_save_path= + +# (str) This setting can be used to optimize vars_plugin usage depending on the user's inventory size and play selection. +run_vars_plugins=demand + +# (bool) This adds the custom stats set via the set_stats plugin to the default output. +show_custom_stats=False + +# (string) Action to take when a module parameter value is converted to a string (this does not affect variables). For string parameters, values such as '1.00', "['a', 'b',]", and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted. +# Valid options are 'error', 'warn', and 'ignore'. +# Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12. +string_conversion_action=warn + +# (boolean) Allows disabling of warnings related to potential issues on the system running Ansible itself (not on the managed hosts). +# These may include warnings about third-party packages or other conditions that should be resolved if possible. +system_warnings=True + +# (string) A string to insert into target logging for tracking purposes +target_log_info= + +# (boolean) This option defines whether the task debugger will be invoked on a failed task when ignore_errors=True is specified. +# True specifies that the debugger will honor ignore_errors, and False will not honor ignore_errors. +task_debugger_ignore_errors=True + +# (integer) Set the maximum time (in seconds) that a task can run for. +# If set to 0 (the default) there is no timeout. +task_timeout=0 + +# (string) Make ansible transform invalid characters in group names supplied by inventory sources. +force_valid_group_names=never + +# (boolean) Toggles the use of persistence for connections. +use_persistent_connections=False + +# (bool) A toggle to disable validating a collection's 'metadata' entry for a module_defaults action group. Metadata containing unexpected fields or value types will produce a warning when this is True. +validate_action_group_metadata=True + +# (list) Accept list for variable plugins that require it. +vars_plugins_enabled=host_group_vars + +# (list) Allows to change the group variable precedence merge order. +precedence=all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play, groups_plugins_inventory, groups_plugins_play + +# (string) The salt to use for the vault encryption. If it is not provided, a random salt will be used. +vault_encrypt_salt= + +# (bool) Force 'verbose' option to use stderr instead of stdout +verbose_to_stderr=False + +# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how long, in seconds, to wait for the task spawned by Ansible to connect back to the named pipe used on Windows systems. The default is 5 seconds. This can be too low on slower systems, or systems under heavy load. +# This is not the total time an async command can run for, but is a separate timeout to wait for an async command to start. The task will only start to be timed against its async_timeout once it has connected to the pipe, so the overall maximum duration the task can take will be extended by the amount specified here. +win_async_startup_timeout=5 + +# (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. +# This affects vars_files, include_vars, inventory and vars plugins among others. +yaml_valid_extensions=.yml, .yaml, .json + + +[privilege_escalation] +# (boolean) Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method. +agnostic_become_prompt=True + +# (boolean) When ``False``(default), Ansible will skip using become if the remote user is the same as the become user, as this is normally a redundant operation. In other words root sudo to root. +# If ``True``, this forces Ansible to use the become plugin anyways as there are cases in which this is needed. +become_allow_same_user=False + +# (boolean) Toggles the use of privilege escalation, allowing you to 'become' another user after login. +become=False + +# (boolean) Toggle to prompt for privilege escalation password. +become_ask_pass=False + +# (string) executable to use for privilege escalation, otherwise Ansible will depend on PATH. +become_exe= + +# (string) Flags to pass to the privilege escalation executable. +become_flags= + +# (string) Privilege escalation method to use when `become` is enabled. +become_method=sudo + +# (string) The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. +become_user=root + + +[persistent_connection] +# (path) Specify where to look for the ansible-connection script. This location will be checked before searching $PATH. +# If null, ansible will start with the same directory as the ansible script. +ansible_connection_path= + +# (int) This controls the amount of time to wait for a response from a remote device before timing out a persistent connection. +command_timeout=30 + +# (integer) This controls the retry timeout for persistent connection to connect to the local domain socket. +connect_retry_timeout=15 + +# (integer) This controls how long the persistent connection will remain idle before it is destroyed. +connect_timeout=30 + +# (path) Path to the socket to be used by the connection persistence system. +control_path_dir= + + +[connection] +# (boolean) This is a global option, each connection plugin can override either by having more specific options or not supporting pipelining at all. +# Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer. +# It can result in a very significant performance improvement when enabled. +# However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. +# This setting will be disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled. +pipelining=False + + +[colors] +# (string) Defines the color to use on 'Changed' task status. +changed=yellow + +# (string) Defines the default color to use for ansible-console. +console_prompt=white + +# (string) Defines the color to use when emitting debug messages. +debug=dark gray + +# (string) Defines the color to use when emitting deprecation messages. +deprecate=purple + +# (string) Defines the color to use when showing added lines in diffs. +diff_add=green + +# (string) Defines the color to use when showing diffs. +diff_lines=cyan + +# (string) Defines the color to use when showing removed lines in diffs. +diff_remove=red + +# (string) Defines the color to use when emitting error messages. +error=red + +# (string) Defines the color to use for highlighting. +highlight=white + +# (string) Defines the color to use when showing 'OK' task status. +ok=green + +# (string) Defines the color to use when showing 'Skipped' task status. +skip=cyan + +# (string) Defines the color to use on 'Unreachable' status. +unreachable=bright red + +# (string) Defines the color to use when emitting verbose messages. In other words, those that show with '-v's. +verbose=blue + +# (string) Defines the color to use when emitting warning messages. +warn=bright purple + + +[selinux] +# (boolean) This setting causes libvirt to connect to LXC containers by passing ``--noseclabel`` parameter to ``virsh`` command. This is necessary when running on systems which do not have SELinux. +libvirt_lxc_noseclabel=False + +# (list) Some filesystems do not support safe operations and/or return inconsistent errors, this setting makes Ansible 'tolerate' those in the list without causing fatal errors. +# Data corruption may occur and writes are not always verified when a filesystem is in the list. +special_context_filesystems=fuse, nfs, vboxsf, ramfs, 9p, vfat + + +[diff] +# (bool) Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. +always=False + +# (integer) Number of lines of context to show when displaying the differences between files. +context=3 + + +[galaxy] +# (path) The directory that stores cached responses from a Galaxy server. +# This is only used by the ``ansible-galaxy collection install`` and ``download`` commands. +# Cache files inside this dir will be ignored if they are world writable. +cache_dir= + +# (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`. +collections_path_warning=True + +# (path) Collection skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy collection``, same as ``--collection-skeleton``. +collection_skeleton= + +# (list) patterns of files to ignore inside a Galaxy collection skeleton directory. +collection_skeleton_ignore=^.git$, ^.*/.git_keep$ + +# (bool) Disable GPG signature verification during collection installation. +disable_gpg_verify=False + +# (bool) Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues on certain displays or when outputting the stdout to a file. +# This config option controls whether the display wheel is shown or not. +# The default is to show the display wheel if stdout has a tty. +display_progress= + +# (path) Configure the keyring used for GPG signature verification during collection installation and verification. +gpg_keyring= + +# (boolean) If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. +ignore_certs= + +# (list) A list of GPG status codes to ignore during GPG signature verification. +# See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. +# If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, +# signature verification will fail even if all error codes are ignored. +; ignore_signature_status_codes= + +# (str) The number of signatures that must be successful during GPG signature verification while installing or verifying collections. +# This should be a positive integer or all to indicate all signatures must successfully validate the collection. +# Prepend + to the value to fail if no valid signatures are found for the collection. +required_valid_signature_count=1 + +# (path) Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``/``ansible-galaxy role``, same as ``--role-skeleton``. +role_skeleton= + +# (list) patterns of files to ignore inside a Galaxy role or collection skeleton directory. +role_skeleton_ignore=^.git$, ^.*/.git_keep$ + +# (string) URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. +server=https://galaxy.ansible.com + +# (list) A list of Galaxy servers to use when installing a collection. +# The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which defines the server details. +# See :ref:`galaxy_server_config` for more details on how to define a Galaxy server. +# The order of servers in this list is used as the order in which a collection is resolved. +# Setting this config option will ignore the :ref:`galaxy_server` config option. +server_list= + +# (int) The default timeout for Galaxy API calls. Galaxy servers that don't configure a specific timeout will fall back to this value. +server_timeout=60 + +# (path) Local path to galaxy access token file +token_path= + + +[inventory] +# (string) This setting changes the behaviour of mismatched host patterns, it allows you to force a fatal error, a warning or just ignore it. +host_pattern_mismatch=warning + +# (boolean) If 'true', it is a fatal error when any given inventory source cannot be successfully parsed by any available inventory plugin; otherwise, this situation only attracts a warning. + +any_unparsed_is_failed=False + +# (bool) Toggle to turn on inventory caching. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory configuration. +# This message will be removed in 2.16. +cache=False + +# (string) The plugin for caching inventory. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_plugin= + +# (string) The inventory cache connection. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_connection= + +# (string) The table prefix for the cache plugin. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_prefix=ansible_inventory_ + +# (string) Expiration timeout for the inventory cache plugin data. +# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. +# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. +# This message will be removed in 2.16. +cache_timeout=3600 + +# (list) List of enabled inventory plugins, it also determines the order in which they are used. +enable_plugins=host_list, script, auto, yaml, ini, toml + +# (bool) Controls if ansible-inventory will accurately reflect Ansible's view into inventory or its optimized for exporting. +export=False + +# (list) List of extensions to ignore when using a directory as an inventory source. +ignore_extensions=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .orig, .ini, .cfg, .retry + +# (list) List of patterns to ignore when using a directory as an inventory source. +ignore_patterns= + +# (bool) If 'true' it is a fatal error if every single potential inventory source fails to parse, otherwise, this situation will only attract a warning. + +unparsed_is_failed=False + +# (boolean) By default, Ansible will issue a warning when no inventory was loaded and notes that it will use an implicit localhost-only inventory. +# These warnings can be silenced by adjusting this setting to False. +inventory_unparsed_warning=True + + +[netconf_connection] +# (string) This variable is used to enable bastion/jump host with netconf connection. If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config file, alternatively it can be set to custom ssh configuration file path to read the bastion/jump host settings. +ssh_config= + + +[paramiko_connection] +# (boolean) TODO: write it +host_key_auto_add=False + +# (boolean) TODO: write it +look_for_keys=True + + +[jinja2] +# (list) This list of filters avoids 'type conversion' when templating variables. +# Useful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. +dont_type_filters=string, to_json, to_nice_json, to_yaml, to_nice_yaml, ppretty, json + + +[tags] +# (list) default list of tags to run in your plays, Skip Tags has precedence. +run= + +# (list) default list of tags to skip in your plays, has precedence over Run Tags +skip= + From 7e563ca871aea26bec717567a1ffab04505ff393 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:36:23 -0500 Subject: [PATCH 77/80] park ansible.cfg until later --- ansible.cfg | 696 ---------------------------------------------------- 1 file changed, 696 deletions(-) delete mode 100644 ansible.cfg diff --git a/ansible.cfg b/ansible.cfg deleted file mode 100644 index 0058015..0000000 --- a/ansible.cfg +++ /dev/null @@ -1,696 +0,0 @@ -[defaults] -# (boolean) By default, Ansible will issue a warning when received from a task action (module or action plugin). -# These warnings can be silenced by adjusting this setting to False. -action_warnings=True - -# (list) Accept a list of cowsay templates that are 'safe' to use, set to an empty list if you want to enable all installed templates. -cowsay_enabled_stencils=bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake, elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren, sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux, udder, vader-koala, vader, www - -# (string) Specify a custom cowsay path or swap in your cowsay implementation of choice. -cowpath= - -# (string) This allows you to choose a specific cowsay stencil for the banners or use 'random' to cycle through them. -cow_selection=default - -# (boolean) This option forces color mode even when running without a TTY or the "nocolor" setting is True. -force_color=False - -# (path) The default root path for Ansible config files on the controller. -home=~/.ansible - -# (boolean) This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. -nocolor=False - -# (boolean) If you have cowsay installed but want to avoid the 'cows' (why????), use this. -nocows=False - -# (boolean) Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. -any_errors_fatal=False - -# (path) The password file to use for the become plugin. ``--become-password-file``. -# If executable, it will be run and the resulting stdout will be used as the password. -become_password_file= - -# (pathspec) Colon-separated paths in which Ansible will search for Become Plugins. -become_plugins=/usr/share/ansible/plugins/become - -# (string) Chooses which cache plugin to use, the default 'memory' is ephemeral. -fact_caching=memory - -# (string) Defines connection or path information for the cache plugin. -fact_caching_connection= - -# (string) Prefix to use for cache plugin files/tables. -fact_caching_prefix=ansible_facts - -# (integer) Expiration timeout for the cache plugin data. -fact_caching_timeout=86400 - -# (list) List of enabled callbacks, not all callbacks need enabling, but many of those shipped with Ansible do as we don't want them activated by default. -callbacks_enabled= - -# (string) When a collection is loaded that does not support the running Ansible version (with the collection metadata key `requires_ansible`). -collections_on_ansible_version_mismatch=warning - -# (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``. - -collections_path=/usr/share/ansible/collections - -# (boolean) A boolean to enable or disable scanning the sys.path for installed collections. -collections_scan_sys_path=True - -# (path) The password file to use for the connection plugin. ``--connection-password-file``. -connection_password_file= - -# (pathspec) Colon-separated paths in which Ansible will search for Action Plugins. -action_plugins=/usr/share/ansible/plugins/action - -# (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. -# By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late. -allow_unsafe_lookups=False - -# (boolean) This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not need to change this setting. -ask_pass=False - -# (boolean) This controls whether an Ansible playbook should prompt for a vault password. -ask_vault_pass=False - -# (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins. -cache_plugins=/usr/share/ansible/plugins/cache - -# (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins. -callback_plugins=/usr/share/ansible/plugins/callback - -# (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins. -cliconf_plugins=/usr/share/ansible/plugins/cliconf - -# (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins. -connection_plugins=/usr/share/ansible/plugins/connection - -# (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production. -debug=False - -# (string) This indicates the command to use to spawn a shell under, which is required for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases, it may be left as is. -executable=/bin/sh - -# (string) This option allows you to globally configure a custom path for 'local_facts' for the implied :ref:`ansible_collections.ansible.builtin.setup_module` task when using fact gathering. -# If not set, it will fall back to the default from the ``ansible.builtin.setup`` module: ``/etc/ansible/facts.d``. -# This does **not** affect user defined tasks that use the ``ansible.builtin.setup`` module. -# The real action being created by the implicit task is currently ``ansible.legacy.gather_facts`` module, which then calls the configured fact modules, by default this will be ``ansible.builtin.setup`` for POSIX systems but other platforms might have different defaults. -fact_path= - -# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins. -filter_plugins=/usr/share/ansible/plugins/filter - -# (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host. -# When false, the handlers will not run if a failure has occurred on a host. -# This can also be set per play or on the command line. See Handlers and Failure for more details. -force_handlers=False - -# (integer) Maximum number of forks Ansible will use to execute tasks on target hosts. -forks=5 - -# (string) This setting controls the default policy of fact gathering (facts discovered about remote systems). -# This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. -gathering=implicit - -# (list) Set the `gather_subset` option for the :ref:`ansible_collections.ansible.builtin.setup_module` task in the implicit fact gathering. See the module documentation for specifics. -# It does **not** apply to user defined ``ansible.builtin.setup`` tasks. -gather_subset= - -# (integer) Set the timeout in seconds for the implicit fact gathering, see the module documentation for specifics. -# It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` tasks. -gather_timeout=10 - -# (string) This setting controls how duplicate definitions of dictionary variables (aka hash, map, associative array) are handled in Ansible. -# This does not affect variables whose values are scalars (integers, strings) or arrays. -# **WARNING**, changing this setting is not recommended as this is fragile and makes your content (plays, roles, collections) nonportable, leading to continual confusion and misuse. Don't change this setting unless you think you have an absolute need for it. -# We recommend avoiding reusing variable names and relying on the ``combine`` filter and ``vars`` and ``varnames`` lookups to create merged versions of the individual variables. In our experience, this is rarely needed and is a sign that too much complexity has been introduced into the data structures and plays. -# For some uses you can also look into custom vars_plugins to merge on input, even substituting the default ``host_group_vars`` that is in charge of parsing the ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are only interested in inventory scope, but the setting itself affects all sources and makes debugging even harder. -# All playbooks and roles in the official examples repos assume the default for this setting. -# Changing the setting to ``merge`` applies across variable sources, but many sources will internally still overwrite the variables. For example ``include_vars`` will dedupe variables internally before updating Ansible, with 'last defined' overwriting previous definitions in same file. -# The Ansible project recommends you **avoid ``merge`` for new projects.** -# It is the intention of the Ansible developers to eventually deprecate and remove this setting, but it is being kept as some users do heavily rely on it. New projects should **avoid 'merge'**. -hash_behaviour=replace - -# (pathlist) Comma-separated list of Ansible inventory sources -inventory=/etc/ansible/hosts - -# (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins. -httpapi_plugins=/usr/share/ansible/plugins/httpapi - -# (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern. -# The default corresponds to the value hardcoded in Ansible <= 2.1 -internal_poll_interval=0.001 - -# (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins. -inventory_plugins=/usr/share/ansible/plugins/inventory - -# (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions. -# See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) -jinja2_extensions=[] - -# (boolean) This option preserves variable types during template operations. -jinja2_native=False - -# (boolean) Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. -# If this option is enabled it will disable ``ANSIBLE_PIPELINING``. -keep_remote_files=False - -# (boolean) Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. -bin_ansible_callbacks=False - -# (tmppath) Temporary directory for Ansible to use on the controller. -local_tmp= - -# (list) List of logger names to filter out of the log file. -log_filter= - -# (path) File to which Ansible will log on the controller. When empty logging is disabled. -log_path= - -# (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins. -lookup_plugins=/usr/share/ansible/plugins/lookup - -# (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules. -ansible_managed=Ansible managed - -# (string) This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. -module_args= - -# (string) Compression scheme to use when transferring Python modules to the target. -module_compression=ZIP_DEFLATED - -# (string) Module to use with the ``ansible`` AdHoc command, if none is specified via ``-m``. -module_name=command - -# (pathspec) Colon-separated paths in which Ansible will search for Modules. -library=/usr/share/ansible/plugins/modules - -# (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules. -module_utils=/usr/share/ansible/plugins/module_utils - -# (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins. -netconf_plugins=/usr/share/ansible/plugins/netconf - -# (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. -no_log=False - -# (boolean) Toggle Ansible logging to syslog on the target when it executes tasks. On Windows hosts, this will disable a newer style PowerShell modules from writing to the event log. -no_target_syslog=False - -# (raw) What templating should return as a 'null' value. When not set it will let Jinja2 decide. -null_representation= - -# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. -poll_interval=15 - -# (path) Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying ``--private-key`` with every invocation. -private_key_file= - -# (boolean) By default, imported roles publish their variables to the play and other roles, this setting can avoid that. -# This was introduced as a way to reset role variables to default values if a role is used more than once in a playbook. -# Starting in version '2.17' M(ansible.builtin.include_roles) and M(ansible.builtin.import_roles) can individually override this via the C(public) parameter. -# Included roles only make their variables public at execution, unlike imported roles which happen at playbook compile time. -private_role_vars=False - -# (integer) Port to use in remote connections, when blank it will use the connection plugin default. -remote_port=22 - -# (string) Sets the login user for the target machines -# When blank it uses the connection plugin's default, normally the user currently executing Ansible. -remote_user= - -# (pathspec) Colon-separated paths in which Ansible will search for Roles. -roles_path=/usr/share/ansible/roles:/etc/ansible/roles - -# (string) Set the main callback used to display Ansible output. You can only have one at a time. -# You can have many other callbacks, but just one can be in charge of stdout. -# See :ref:`callback_plugins` for a list of available options. -stdout_callback=default - -# (string) Set the default strategy used for plays. -strategy=linear - -# (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins. -strategy_plugins=/usr/share/ansible/plugins/strategy - -# (boolean) Toggle the use of "su" for tasks. -su=False - -# (string) Syslog facility to use when Ansible logs to the remote target. -syslog_facility=LOG_USER - -# (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins. -terminal_plugins=/usr/share/ansible/plugins/terminal - -# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins. -test_plugins=/usr/share/ansible/plugins/test - -# (integer) This is the default timeout for connection plugins to use. -timeout=10 - -# (string) Can be any connection plugin available to your ansible installation. -# There is also a (DEPRECATED) special 'smart' option, that will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions. -transport=ssh - -# (boolean) When True, this causes ansible templating to fail steps that reference variable names that are likely typoed. -# Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. -error_on_undefined_vars=True - -# (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins. -vars_plugins=/usr/share/ansible/plugins/vars - -# (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value. -vault_encrypt_identity= - -# (string) The label to use for the default vault id label in cases where a vault id label is not provided. -vault_identity=default - -# (list) A list of vault-ids to use by default. Equivalent to multiple ``--vault-id`` args. Vault-ids are tried in order. -vault_identity_list= - -# (string) If true, decrypting vaults with a vault id will only try the password from the matching vault-id. -vault_id_match=False - -# (path) The vault password file to use. Equivalent to ``--vault-password-file`` or ``--vault-id``. -# If executable, it will be run and the resulting stdout will be used as the password. -vault_password_file= - -# (integer) Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. -verbosity=0 - -# (boolean) Toggle to control the showing of deprecation warnings -deprecation_warnings=True - -# (boolean) Toggle to control showing warnings related to running devel. -devel_warning=True - -# (boolean) Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header. -# This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed. -# If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks that have sensitive values :ref:`keep_secret_data` for more information. -display_args_to_stdout=False - -# (boolean) Toggle to control displaying skipped task/host entries in a task in the default callback. -display_skipped_hosts=True - -# (string) Root docsite URL used to generate docs URLs in warning/error text; must be an absolute URL with a valid scheme and trailing slash. -docsite_root_url=https://docs.ansible.com/ansible-core/ - -# (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins. -doc_fragment_plugins=/usr/share/ansible/plugins/doc_fragments - -# (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML. -# These warnings can be silenced by adjusting this setting to False. -duplicate_dict_key=warn - -# (boolean) Whether or not to enable the task debugger, this previously was done as a strategy plugin. -# Now all strategy plugins can inherit this behavior. The debugger defaults to activating when -# a task is failed on unreachable. Use the debugger keyword for more flexibility. -enable_task_debugger=False - -# (boolean) Toggle to allow missing handlers to become a warning instead of an error when notifying. -error_on_missing_handler=True - -# (list) Which modules to run during a play's fact gathering stage, using the default of 'smart' will try to figure it out based on connection type. -# If adding your own modules but you still want to use the default Ansible facts, you will want to include 'setup' or corresponding network module to the list (if you add 'smart', Ansible will also figure it out). -# This does not affect explicit calls to the 'setup' module, but does always affect the 'gather_facts' action (implicit or explicit). -facts_modules=smart - -# (boolean) Set this to "False" if you want to avoid host key checking by the underlying connection plugin Ansible uses to connect to the host. -# Please read the documentation of the specific connection plugin used for details. -host_key_checking=True - -# (boolean) Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace. -# Unlike inside the `ansible_facts` dictionary where the prefix `ansible_` is removed from fact names, these will have the exact names that are returned by the module. -inject_facts_as_vars=True - -# (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backward-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present. -interpreter_python=auto - -# (boolean) If 'false', invalid attributes for a task will result in warnings instead of errors. -invalid_task_attribute_failed=True - -# (boolean) By default, Ansible will issue a warning when there are no hosts in the inventory. -# These warnings can be silenced by adjusting this setting to False. -localhost_warning=True - -# (int) This will set log verbosity if higher than the normal display verbosity, otherwise it will match that. -log_verbosity=0 - -# (int) Maximum size of files to be considered for diff display. -max_diff_size=104448 - -# (list) List of extensions to ignore when looking for modules to load. -# This is for rejecting script and binary module fallback extensions. -module_ignore_exts=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .yaml, .yml, .ini - -# (bool) Enables whether module responses are evaluated for containing non-UTF-8 data. -# Disabling this may result in unexpected behavior. -# Only ansible-core should evaluate this configuration. -module_strict_utf8_response=True - -# (list) TODO: write it -network_group_modules=eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10, dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf, exos, voss, slxos - -# (boolean) Previously Ansible would only clear some of the plugin loading caches when loading new roles, this led to some behaviors in which a plugin loaded in previous plays would be unexpectedly 'sticky'. This setting allows the user to return to that behavior. -old_plugin_cache_clear=False - -# (path) A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the default value for it. -playbook_dir= - -# (string) This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_vars. -playbook_vars_root=top - -# (path) A path to configuration for filtering which plugins installed on the system are allowed to be used. -# See :ref:`plugin_filtering_config` for details of the filter file's format. -# The default is /etc/ansible/plugin_filters.yml -plugin_filters_cfg= - -# (string) Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284). The value will be limited by the existing hard limit. Default value of 0 does not attempt to adjust existing system-defined limits. -python_module_rlimit_nofile=0 - -# (bool) This controls whether a failed Ansible playbook should create a .retry file. -retry_files_enabled=False - -# (path) This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. -# This file will be overwritten after each run with the list of failed hosts from all plays. -retry_files_save_path= - -# (str) This setting can be used to optimize vars_plugin usage depending on the user's inventory size and play selection. -run_vars_plugins=demand - -# (bool) This adds the custom stats set via the set_stats plugin to the default output. -show_custom_stats=False - -# (string) Action to take when a module parameter value is converted to a string (this does not affect variables). For string parameters, values such as '1.00', "['a', 'b',]", and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted. -# Valid options are 'error', 'warn', and 'ignore'. -# Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12. -string_conversion_action=warn - -# (boolean) Allows disabling of warnings related to potential issues on the system running Ansible itself (not on the managed hosts). -# These may include warnings about third-party packages or other conditions that should be resolved if possible. -system_warnings=True - -# (string) A string to insert into target logging for tracking purposes -target_log_info= - -# (boolean) This option defines whether the task debugger will be invoked on a failed task when ignore_errors=True is specified. -# True specifies that the debugger will honor ignore_errors, and False will not honor ignore_errors. -task_debugger_ignore_errors=True - -# (integer) Set the maximum time (in seconds) that a task can run for. -# If set to 0 (the default) there is no timeout. -task_timeout=0 - -# (string) Make ansible transform invalid characters in group names supplied by inventory sources. -force_valid_group_names=never - -# (boolean) Toggles the use of persistence for connections. -use_persistent_connections=False - -# (bool) A toggle to disable validating a collection's 'metadata' entry for a module_defaults action group. Metadata containing unexpected fields or value types will produce a warning when this is True. -validate_action_group_metadata=True - -# (list) Accept list for variable plugins that require it. -vars_plugins_enabled=host_group_vars - -# (list) Allows to change the group variable precedence merge order. -precedence=all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play, groups_plugins_inventory, groups_plugins_play - -# (string) The salt to use for the vault encryption. If it is not provided, a random salt will be used. -vault_encrypt_salt= - -# (bool) Force 'verbose' option to use stderr instead of stdout -verbose_to_stderr=False - -# (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how long, in seconds, to wait for the task spawned by Ansible to connect back to the named pipe used on Windows systems. The default is 5 seconds. This can be too low on slower systems, or systems under heavy load. -# This is not the total time an async command can run for, but is a separate timeout to wait for an async command to start. The task will only start to be timed against its async_timeout once it has connected to the pipe, so the overall maximum duration the task can take will be extended by the amount specified here. -win_async_startup_timeout=5 - -# (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. -# This affects vars_files, include_vars, inventory and vars plugins among others. -yaml_valid_extensions=.yml, .yaml, .json - - -[privilege_escalation] -# (boolean) Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method. -agnostic_become_prompt=True - -# (boolean) When ``False``(default), Ansible will skip using become if the remote user is the same as the become user, as this is normally a redundant operation. In other words root sudo to root. -# If ``True``, this forces Ansible to use the become plugin anyways as there are cases in which this is needed. -become_allow_same_user=False - -# (boolean) Toggles the use of privilege escalation, allowing you to 'become' another user after login. -become=False - -# (boolean) Toggle to prompt for privilege escalation password. -become_ask_pass=False - -# (string) executable to use for privilege escalation, otherwise Ansible will depend on PATH. -become_exe= - -# (string) Flags to pass to the privilege escalation executable. -become_flags= - -# (string) Privilege escalation method to use when `become` is enabled. -become_method=sudo - -# (string) The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. -become_user=root - - -[persistent_connection] -# (path) Specify where to look for the ansible-connection script. This location will be checked before searching $PATH. -# If null, ansible will start with the same directory as the ansible script. -ansible_connection_path= - -# (int) This controls the amount of time to wait for a response from a remote device before timing out a persistent connection. -command_timeout=30 - -# (integer) This controls the retry timeout for persistent connection to connect to the local domain socket. -connect_retry_timeout=15 - -# (integer) This controls how long the persistent connection will remain idle before it is destroyed. -connect_timeout=30 - -# (path) Path to the socket to be used by the connection persistence system. -control_path_dir= - - -[connection] -# (boolean) This is a global option, each connection plugin can override either by having more specific options or not supporting pipelining at all. -# Pipelining, if supported by the connection plugin, reduces the number of network operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfer. -# It can result in a very significant performance improvement when enabled. -# However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. -# This setting will be disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled. -pipelining=False - - -[colors] -# (string) Defines the color to use on 'Changed' task status. -changed=yellow - -# (string) Defines the default color to use for ansible-console. -console_prompt=white - -# (string) Defines the color to use when emitting debug messages. -debug=dark gray - -# (string) Defines the color to use when emitting deprecation messages. -deprecate=purple - -# (string) Defines the color to use when showing added lines in diffs. -diff_add=green - -# (string) Defines the color to use when showing diffs. -diff_lines=cyan - -# (string) Defines the color to use when showing removed lines in diffs. -diff_remove=red - -# (string) Defines the color to use when emitting error messages. -error=red - -# (string) Defines the color to use for highlighting. -highlight=white - -# (string) Defines the color to use when showing 'OK' task status. -ok=green - -# (string) Defines the color to use when showing 'Skipped' task status. -skip=cyan - -# (string) Defines the color to use on 'Unreachable' status. -unreachable=bright red - -# (string) Defines the color to use when emitting verbose messages. In other words, those that show with '-v's. -verbose=blue - -# (string) Defines the color to use when emitting warning messages. -warn=bright purple - - -[selinux] -# (boolean) This setting causes libvirt to connect to LXC containers by passing ``--noseclabel`` parameter to ``virsh`` command. This is necessary when running on systems which do not have SELinux. -libvirt_lxc_noseclabel=False - -# (list) Some filesystems do not support safe operations and/or return inconsistent errors, this setting makes Ansible 'tolerate' those in the list without causing fatal errors. -# Data corruption may occur and writes are not always verified when a filesystem is in the list. -special_context_filesystems=fuse, nfs, vboxsf, ramfs, 9p, vfat - - -[diff] -# (bool) Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. -always=False - -# (integer) Number of lines of context to show when displaying the differences between files. -context=3 - - -[galaxy] -# (path) The directory that stores cached responses from a Galaxy server. -# This is only used by the ``ansible-galaxy collection install`` and ``download`` commands. -# Cache files inside this dir will be ignored if they are world writable. -cache_dir= - -# (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`. -collections_path_warning=True - -# (path) Collection skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy collection``, same as ``--collection-skeleton``. -collection_skeleton= - -# (list) patterns of files to ignore inside a Galaxy collection skeleton directory. -collection_skeleton_ignore=^.git$, ^.*/.git_keep$ - -# (bool) Disable GPG signature verification during collection installation. -disable_gpg_verify=False - -# (bool) Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues on certain displays or when outputting the stdout to a file. -# This config option controls whether the display wheel is shown or not. -# The default is to show the display wheel if stdout has a tty. -display_progress= - -# (path) Configure the keyring used for GPG signature verification during collection installation and verification. -gpg_keyring= - -# (boolean) If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. -ignore_certs= - -# (list) A list of GPG status codes to ignore during GPG signature verification. See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. -# If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, signature verification will fail even if all error codes are ignored. -# ignore_signature_status_codes= - -# (str) The number of signatures that must be successful during GPG signature verification while installing or verifying collections. -# This should be a positive integer or all to indicate all signatures must successfully validate the collection. -# Prepend + to the value to fail if no valid signatures are found for the collection. -required_valid_signature_count=1 - -# (path) Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``/``ansible-galaxy role``, same as ``--role-skeleton``. -role_skeleton= - -# (list) patterns of files to ignore inside a Galaxy role or collection skeleton directory. -role_skeleton_ignore=^.git$, ^.*/.git_keep$ - -# (string) URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. -server=https://galaxy.ansible.com - -# (list) A list of Galaxy servers to use when installing a collection. -# The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which defines the server details. -# See :ref:`galaxy_server_config` for more details on how to define a Galaxy server. -# The order of servers in this list is used as the order in which a collection is resolved. -# Setting this config option will ignore the :ref:`galaxy_server` config option. -server_list= - -# (int) The default timeout for Galaxy API calls. Galaxy servers that don't configure a specific timeout will fall back to this value. -server_timeout=60 - -# (path) Local path to galaxy access token file -token_path= - - -[inventory] -# (string) This setting changes the behaviour of mismatched host patterns, it allows you to force a fatal error, a warning or just ignore it. -host_pattern_mismatch=warning - -# (boolean) If 'true', it is a fatal error when any given inventory source cannot be successfully parsed by any available inventory plugin; otherwise, this situation only attracts a warning. - -any_unparsed_is_failed=False - -# (bool) Toggle to turn on inventory caching. -# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. -# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory configuration. -# This message will be removed in 2.16. -cache=False - -# (string) The plugin for caching inventory. -# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. -# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. -# This message will be removed in 2.16. -cache_plugin= - -# (string) The inventory cache connection. -# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. -# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. -# This message will be removed in 2.16. -cache_connection= - -# (string) The table prefix for the cache plugin. -# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. -# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. -# This message will be removed in 2.16. -cache_prefix=ansible_inventory_ - -# (string) Expiration timeout for the inventory cache plugin data. -# This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. -# The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. -# This message will be removed in 2.16. -cache_timeout=3600 - -# (list) List of enabled inventory plugins, it also determines the order in which they are used. -enable_plugins=host_list, script, auto, yaml, ini, toml - -# (bool) Controls if ansible-inventory will accurately reflect Ansible's view into inventory or its optimized for exporting. -export=False - -# (list) List of extensions to ignore when using a directory as an inventory source. -ignore_extensions=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .orig, .ini, .cfg, .retry - -# (list) List of patterns to ignore when using a directory as an inventory source. -ignore_patterns= - -# (bool) If 'true' it is a fatal error if every single potential inventory source fails to parse, otherwise, this situation will only attract a warning. - -unparsed_is_failed=False - -# (boolean) By default, Ansible will issue a warning when no inventory was loaded and notes that it will use an implicit localhost-only inventory. -# These warnings can be silenced by adjusting this setting to False. -inventory_unparsed_warning=True - - -[netconf_connection] -# (string) This variable is used to enable bastion/jump host with netconf connection. If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config file, alternatively it can be set to custom ssh configuration file path to read the bastion/jump host settings. -ssh_config= - - -[paramiko_connection] -# (boolean) TODO: write it -host_key_auto_add=False - -# (boolean) TODO: write it -look_for_keys=True - - -[jinja2] -# (list) This list of filters avoids 'type conversion' when templating variables. -# Useful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. -dont_type_filters=string, to_json, to_nice_json, to_yaml, to_nice_yaml, ppretty, json - - -[tags] -# (list) default list of tags to run in your plays, Skip Tags has precedence. -run= - -# (list) default list of tags to skip in your plays, has precedence over Run Tags -skip= - From d0aaee54a51a47bfd04df0248086d62317e59dca Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 16:52:20 -0500 Subject: [PATCH 78/80] temporarily do not update global-config I need a base system to test --- ansible.cfg.candidate => ansible.cfg | 676 ++++++++++++++++------- roles/nodered/tasks/configure-Ubuntu.yml | 24 +- 2 files changed, 491 insertions(+), 209 deletions(-) rename ansible.cfg.candidate => ansible.cfg (64%) diff --git a/ansible.cfg.candidate b/ansible.cfg similarity index 64% rename from ansible.cfg.candidate rename to ansible.cfg index 7d3bd0b..2b8f6c5 100644 --- a/ansible.cfg.candidate +++ b/ansible.cfg @@ -1,126 +1,126 @@ [defaults] # (boolean) By default, Ansible will issue a warning when received from a task action (module or action plugin). # These warnings can be silenced by adjusting this setting to False. -action_warnings=True +;action_warnings=True # (list) Accept a list of cowsay templates that are 'safe' to use, set to an empty list if you want to enable all installed templates. -cowsay_enabled_stencils=bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake, elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren, sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux, udder, vader-koala, vader, www +;cowsay_enabled_stencils=bud-frogs, bunny, cheese, daemon, default, dragon, elephant-in-snake, elephant, eyes, hellokitty, kitty, luke-koala, meow, milk, moofasa, moose, ren, sheep, small, stegosaurus, stimpy, supermilker, three-eyes, turkey, turtle, tux, udder, vader-koala, vader, www # (string) Specify a custom cowsay path or swap in your cowsay implementation of choice. -cowpath= +;cowpath= # (string) This allows you to choose a specific cowsay stencil for the banners or use 'random' to cycle through them. -cow_selection=default +;cow_selection=default # (boolean) This option forces color mode even when running without a TTY or the "nocolor" setting is True. -force_color=False +;force_color=False # (path) The default root path for Ansible config files on the controller. -home=~/.ansible +;home=~/.ansible # (boolean) This setting allows suppressing colorizing output, which is used to give a better indication of failure and status information. -nocolor=False +;nocolor=False # (boolean) If you have cowsay installed but want to avoid the 'cows' (why????), use this. -nocows=False +;nocows=False # (boolean) Sets the default value for the any_errors_fatal keyword, if True, Task failures will be considered fatal errors. -any_errors_fatal=False +;any_errors_fatal=False # (path) The password file to use for the become plugin. ``--become-password-file``. # If executable, it will be run and the resulting stdout will be used as the password. -become_password_file= +;become_password_file= # (pathspec) Colon-separated paths in which Ansible will search for Become Plugins. -become_plugins=/usr/share/ansible/plugins/become +;become_plugins=/var/home/phreed/.ansible/plugins/become:/usr/share/ansible/plugins/become # (string) Chooses which cache plugin to use, the default 'memory' is ephemeral. -fact_caching=memory +;fact_caching=memory # (string) Defines connection or path information for the cache plugin. -fact_caching_connection= +;fact_caching_connection= # (string) Prefix to use for cache plugin files/tables. -fact_caching_prefix=ansible_facts +;fact_caching_prefix=ansible_facts # (integer) Expiration timeout for the cache plugin data. -fact_caching_timeout=86400 +;fact_caching_timeout=86400 # (list) List of enabled callbacks, not all callbacks need enabling, but many of those shipped with Ansible do as we don't want them activated by default. -callbacks_enabled= +;callbacks_enabled= # (string) When a collection is loaded that does not support the running Ansible version (with the collection metadata key `requires_ansible`). -collections_on_ansible_version_mismatch=warning +;collections_on_ansible_version_mismatch=warning # (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``. -collections_path=/usr/share/ansible/collections +;collections_path=/var/home/phreed/.ansible/collections:/usr/share/ansible/collections # (boolean) A boolean to enable or disable scanning the sys.path for installed collections. -collections_scan_sys_path=True +;collections_scan_sys_path=True # (path) The password file to use for the connection plugin. ``--connection-password-file``. -connection_password_file= +;connection_password_file= # (pathspec) Colon-separated paths in which Ansible will search for Action Plugins. -action_plugins=/usr/share/ansible/plugins/action +;action_plugins=/var/home/phreed/.ansible/plugins/action:/usr/share/ansible/plugins/action # (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'. # By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late. -allow_unsafe_lookups=False +;allow_unsafe_lookups=False # (boolean) This controls whether an Ansible playbook should prompt for a login password. If using SSH keys for authentication, you probably do not need to change this setting. -ask_pass=False +;ask_pass=False # (boolean) This controls whether an Ansible playbook should prompt for a vault password. -ask_vault_pass=False +;ask_vault_pass=False # (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins. -cache_plugins=/usr/share/ansible/plugins/cache +;cache_plugins=/var/home/phreed/.ansible/plugins/cache:/usr/share/ansible/plugins/cache # (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins. -callback_plugins=/usr/share/ansible/plugins/callback +;callback_plugins=/var/home/phreed/.ansible/plugins/callback:/usr/share/ansible/plugins/callback # (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins. -cliconf_plugins=/usr/share/ansible/plugins/cliconf +;cliconf_plugins=/var/home/phreed/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf # (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins. -connection_plugins=/usr/share/ansible/plugins/connection +;connection_plugins=/var/home/phreed/.ansible/plugins/connection:/usr/share/ansible/plugins/connection # (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production. -debug=False +;debug=False # (string) This indicates the command to use to spawn a shell under, which is required for Ansible's execution needs on a target. Users may need to change this in rare instances when shell usage is constrained, but in most cases, it may be left as is. -executable=/bin/sh +;executable=/bin/sh # (string) This option allows you to globally configure a custom path for 'local_facts' for the implied :ref:`ansible_collections.ansible.builtin.setup_module` task when using fact gathering. # If not set, it will fall back to the default from the ``ansible.builtin.setup`` module: ``/etc/ansible/facts.d``. # This does **not** affect user defined tasks that use the ``ansible.builtin.setup`` module. # The real action being created by the implicit task is currently ``ansible.legacy.gather_facts`` module, which then calls the configured fact modules, by default this will be ``ansible.builtin.setup`` for POSIX systems but other platforms might have different defaults. -fact_path= +;fact_path= # (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins. -filter_plugins=/usr/share/ansible/plugins/filter +;filter_plugins=/var/home/phreed/.ansible/plugins/filter:/usr/share/ansible/plugins/filter # (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host. # When false, the handlers will not run if a failure has occurred on a host. # This can also be set per play or on the command line. See Handlers and Failure for more details. -force_handlers=False +;force_handlers=False # (integer) Maximum number of forks Ansible will use to execute tasks on target hosts. -forks=5 +;forks=5 # (string) This setting controls the default policy of fact gathering (facts discovered about remote systems). # This option can be useful for those wishing to save fact gathering time. Both 'smart' and 'explicit' will use the cache plugin. -gathering=implicit +;gathering=implicit # (list) Set the `gather_subset` option for the :ref:`ansible_collections.ansible.builtin.setup_module` task in the implicit fact gathering. See the module documentation for specifics. # It does **not** apply to user defined ``ansible.builtin.setup`` tasks. -gather_subset= +;gather_subset= # (integer) Set the timeout in seconds for the implicit fact gathering, see the module documentation for specifics. # It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` tasks. -gather_timeout=10 +;gather_timeout= # (string) This setting controls how duplicate definitions of dictionary variables (aka hash, map, associative array) are handled in Ansible. # This does not affect variables whose values are scalars (integers, strings) or arrays. @@ -131,351 +131,400 @@ gather_timeout=10 # Changing the setting to ``merge`` applies across variable sources, but many sources will internally still overwrite the variables. For example ``include_vars`` will dedupe variables internally before updating Ansible, with 'last defined' overwriting previous definitions in same file. # The Ansible project recommends you **avoid ``merge`` for new projects.** # It is the intention of the Ansible developers to eventually deprecate and remove this setting, but it is being kept as some users do heavily rely on it. New projects should **avoid 'merge'**. -hash_behaviour=replace +;hash_behaviour=replace # (pathlist) Comma-separated list of Ansible inventory sources -inventory=/etc/ansible/hosts +;inventory=/etc/ansible/hosts # (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins. -httpapi_plugins=/usr/share/ansible/plugins/httpapi +;httpapi_plugins=/var/home/phreed/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi # (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern. # The default corresponds to the value hardcoded in Ansible <= 2.1 -internal_poll_interval=0.001 +;internal_poll_interval=0.001 # (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins. -inventory_plugins=/usr/share/ansible/plugins/inventory +;inventory_plugins=/var/home/phreed/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory # (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions. # See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :) -jinja2_extensions=[] +;jinja2_extensions=[] # (boolean) This option preserves variable types during template operations. -jinja2_native=False +;jinja2_native=False # (boolean) Enables/disables the cleaning up of the temporary files Ansible used to execute the tasks on the remote. # If this option is enabled it will disable ``ANSIBLE_PIPELINING``. -keep_remote_files=False +;keep_remote_files=False # (boolean) Controls whether callback plugins are loaded when running /usr/bin/ansible. This may be used to log activity from the command line, send notifications, and so on. Callback plugins are always loaded for ``ansible-playbook``. -bin_ansible_callbacks=False +;bin_ansible_callbacks=False # (tmppath) Temporary directory for Ansible to use on the controller. -local_tmp= +;local_tmp=/var/home/phreed/.ansible/tmp # (list) List of logger names to filter out of the log file. -log_filter= +;log_filter= # (path) File to which Ansible will log on the controller. When empty logging is disabled. -log_path= +;log_path= # (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins. -lookup_plugins=/usr/share/ansible/plugins/lookup +;lookup_plugins=/var/home/phreed/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup # (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules. -ansible_managed=Ansible managed +;ansible_managed=Ansible managed # (string) This sets the default arguments to pass to the ``ansible`` adhoc binary if no ``-a`` is specified. -module_args= +;module_args= # (string) Compression scheme to use when transferring Python modules to the target. -module_compression=ZIP_DEFLATED +;module_compression=ZIP_DEFLATED # (string) Module to use with the ``ansible`` AdHoc command, if none is specified via ``-m``. -module_name=command +;module_name=command # (pathspec) Colon-separated paths in which Ansible will search for Modules. -library=/usr/share/ansible/plugins/modules +;library=/var/home/phreed/.ansible/plugins/modules:/usr/share/ansible/plugins/modules # (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules. -module_utils=/usr/share/ansible/plugins/module_utils +;module_utils=/var/home/phreed/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils # (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins. -netconf_plugins=/usr/share/ansible/plugins/netconf +;netconf_plugins=/var/home/phreed/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf # (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures. -no_log=False +;no_log=False # (boolean) Toggle Ansible logging to syslog on the target when it executes tasks. On Windows hosts, this will disable a newer style PowerShell modules from writing to the event log. -no_target_syslog=False +;no_target_syslog=False # (raw) What templating should return as a 'null' value. When not set it will let Jinja2 decide. -null_representation= +;null_representation= # (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how often to check back on the status of those tasks when an explicit poll interval is not supplied. The default is a reasonably moderate 15 seconds which is a tradeoff between checking in frequently and providing a quick turnaround when something may have completed. -poll_interval=15 +;poll_interval=15 # (path) Option for connections using a certificate or key file to authenticate, rather than an agent or passwords, you can set the default value here to avoid re-specifying ``--private-key`` with every invocation. -private_key_file= +;private_key_file= # (boolean) By default, imported roles publish their variables to the play and other roles, this setting can avoid that. # This was introduced as a way to reset role variables to default values if a role is used more than once in a playbook. # Starting in version '2.17' M(ansible.builtin.include_roles) and M(ansible.builtin.import_roles) can individually override this via the C(public) parameter. # Included roles only make their variables public at execution, unlike imported roles which happen at playbook compile time. -private_role_vars=False +;private_role_vars=False # (integer) Port to use in remote connections, when blank it will use the connection plugin default. -remote_port=22 +;remote_port= # (string) Sets the login user for the target machines # When blank it uses the connection plugin's default, normally the user currently executing Ansible. -remote_user= +;remote_user= # (pathspec) Colon-separated paths in which Ansible will search for Roles. -roles_path=/usr/share/ansible/roles:/etc/ansible/roles +;roles_path=/var/home/phreed/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles # (string) Set the main callback used to display Ansible output. You can only have one at a time. # You can have many other callbacks, but just one can be in charge of stdout. # See :ref:`callback_plugins` for a list of available options. -stdout_callback=default +;stdout_callback=default # (string) Set the default strategy used for plays. -strategy=linear +;strategy=linear # (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins. -strategy_plugins=/usr/share/ansible/plugins/strategy +;strategy_plugins=/var/home/phreed/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy # (boolean) Toggle the use of "su" for tasks. -su=False +;su=False # (string) Syslog facility to use when Ansible logs to the remote target. -syslog_facility=LOG_USER +;syslog_facility=LOG_USER # (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins. -terminal_plugins=/usr/share/ansible/plugins/terminal +;terminal_plugins=/var/home/phreed/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal # (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins. -test_plugins=/usr/share/ansible/plugins/test +;test_plugins=/var/home/phreed/.ansible/plugins/test:/usr/share/ansible/plugins/test # (integer) This is the default timeout for connection plugins to use. -timeout=10 +;timeout=10 # (string) Can be any connection plugin available to your ansible installation. # There is also a (DEPRECATED) special 'smart' option, that will toggle between 'ssh' and 'paramiko' depending on controller OS and ssh versions. -transport=ssh +;transport=ssh # (boolean) When True, this causes ansible templating to fail steps that reference variable names that are likely typoed. # Otherwise, any '{{ template_expression }}' that contains undefined variables will be rendered in a template or ansible action line exactly as written. -error_on_undefined_vars=True +;error_on_undefined_vars=True # (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins. -vars_plugins=/usr/share/ansible/plugins/vars +;vars_plugins=/var/home/phreed/.ansible/plugins/vars:/usr/share/ansible/plugins/vars # (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value. -vault_encrypt_identity= +;vault_encrypt_identity= # (string) The label to use for the default vault id label in cases where a vault id label is not provided. -vault_identity=default +;vault_identity=default # (list) A list of vault-ids to use by default. Equivalent to multiple ``--vault-id`` args. Vault-ids are tried in order. -vault_identity_list= +;vault_identity_list= # (string) If true, decrypting vaults with a vault id will only try the password from the matching vault-id. -vault_id_match=False +;vault_id_match=False # (path) The vault password file to use. Equivalent to ``--vault-password-file`` or ``--vault-id``. # If executable, it will be run and the resulting stdout will be used as the password. -vault_password_file= +;vault_password_file= # (integer) Sets the default verbosity, equivalent to the number of ``-v`` passed in the command line. -verbosity=0 +;verbosity=0 # (boolean) Toggle to control the showing of deprecation warnings -deprecation_warnings=True +;deprecation_warnings=True # (boolean) Toggle to control showing warnings related to running devel. -devel_warning=True +;devel_warning=True # (boolean) Normally ``ansible-playbook`` will print a header for each task that is run. These headers will contain the name: field from the task if you specified one. If you didn't then ``ansible-playbook`` uses the task's action to help you tell which task is presently running. Sometimes you run many of the same action and so you want more information about the task to differentiate it from others of the same action. If you set this variable to True in the config then ``ansible-playbook`` will also include the task's arguments in the header. # This setting defaults to False because there is a chance that you have sensitive values in your parameters and you do not want those to be printed. # If you set this to True you should be sure that you have secured your environment's stdout (no one can shoulder surf your screen and you aren't saving stdout to an insecure file) or made sure that all of your playbooks explicitly added the ``no_log: True`` parameter to tasks that have sensitive values :ref:`keep_secret_data` for more information. -display_args_to_stdout=False +;display_args_to_stdout=False # (boolean) Toggle to control displaying skipped task/host entries in a task in the default callback. -display_skipped_hosts=True +;display_skipped_hosts=True # (string) Root docsite URL used to generate docs URLs in warning/error text; must be an absolute URL with a valid scheme and trailing slash. -docsite_root_url=https://docs.ansible.com/ansible-core/ +;docsite_root_url=https://docs.ansible.com/ansible-core/ # (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins. -doc_fragment_plugins=/usr/share/ansible/plugins/doc_fragments +;doc_fragment_plugins=/var/home/phreed/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments # (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML. # These warnings can be silenced by adjusting this setting to False. -duplicate_dict_key=warn +;duplicate_dict_key=warn # (boolean) Whether or not to enable the task debugger, this previously was done as a strategy plugin. # Now all strategy plugins can inherit this behavior. The debugger defaults to activating when # a task is failed on unreachable. Use the debugger keyword for more flexibility. -enable_task_debugger=False +;enable_task_debugger=False # (boolean) Toggle to allow missing handlers to become a warning instead of an error when notifying. -error_on_missing_handler=True +;error_on_missing_handler=True # (list) Which modules to run during a play's fact gathering stage, using the default of 'smart' will try to figure it out based on connection type. # If adding your own modules but you still want to use the default Ansible facts, you will want to include 'setup' or corresponding network module to the list (if you add 'smart', Ansible will also figure it out). # This does not affect explicit calls to the 'setup' module, but does always affect the 'gather_facts' action (implicit or explicit). -facts_modules=smart +;facts_modules=smart # (boolean) Set this to "False" if you want to avoid host key checking by the underlying connection plugin Ansible uses to connect to the host. # Please read the documentation of the specific connection plugin used for details. -host_key_checking=True +;host_key_checking=True # (boolean) Facts are available inside the `ansible_facts` variable, this setting also pushes them as their own vars in the main namespace. # Unlike inside the `ansible_facts` dictionary where the prefix `ansible_` is removed from fact names, these will have the exact names that are returned by the module. -inject_facts_as_vars=True +;inject_facts_as_vars=True # (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backward-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present. -interpreter_python=auto +;interpreter_python=auto # (boolean) If 'false', invalid attributes for a task will result in warnings instead of errors. -invalid_task_attribute_failed=True +;invalid_task_attribute_failed=True # (boolean) By default, Ansible will issue a warning when there are no hosts in the inventory. # These warnings can be silenced by adjusting this setting to False. -localhost_warning=True +;localhost_warning=True # (int) This will set log verbosity if higher than the normal display verbosity, otherwise it will match that. -log_verbosity=0 +;log_verbosity= # (int) Maximum size of files to be considered for diff display. -max_diff_size=104448 +;max_diff_size=104448 # (list) List of extensions to ignore when looking for modules to load. # This is for rejecting script and binary module fallback extensions. -module_ignore_exts=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .yaml, .yml, .ini +;module_ignore_exts=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .yaml, .yml, .ini # (bool) Enables whether module responses are evaluated for containing non-UTF-8 data. # Disabling this may result in unexpected behavior. # Only ansible-core should evaluate this configuration. -module_strict_utf8_response=True +;module_strict_utf8_response=True # (list) TODO: write it -network_group_modules=eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10, dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf, exos, voss, slxos +;network_group_modules=eos, nxos, ios, iosxr, junos, enos, ce, vyos, sros, dellos9, dellos10, dellos6, asa, aruba, aireos, bigip, ironware, onyx, netconf, exos, voss, slxos # (boolean) Previously Ansible would only clear some of the plugin loading caches when loading new roles, this led to some behaviors in which a plugin loaded in previous plays would be unexpectedly 'sticky'. This setting allows the user to return to that behavior. -old_plugin_cache_clear=False +;old_plugin_cache_clear=False # (path) A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the default value for it. -playbook_dir= +;playbook_dir= # (string) This sets which playbook dirs will be used as a root to process vars plugins, which includes finding host_vars/group_vars. -playbook_vars_root=top +;playbook_vars_root=top # (path) A path to configuration for filtering which plugins installed on the system are allowed to be used. # See :ref:`plugin_filtering_config` for details of the filter file's format. # The default is /etc/ansible/plugin_filters.yml -plugin_filters_cfg= +;plugin_filters_cfg= # (string) Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284). The value will be limited by the existing hard limit. Default value of 0 does not attempt to adjust existing system-defined limits. -python_module_rlimit_nofile=0 +;python_module_rlimit_nofile=0 # (bool) This controls whether a failed Ansible playbook should create a .retry file. -retry_files_enabled=False +;retry_files_enabled=False # (path) This sets the path in which Ansible will save .retry files when a playbook fails and retry files are enabled. # This file will be overwritten after each run with the list of failed hosts from all plays. -retry_files_save_path= +;retry_files_save_path= # (str) This setting can be used to optimize vars_plugin usage depending on the user's inventory size and play selection. -run_vars_plugins=demand +;run_vars_plugins=demand # (bool) This adds the custom stats set via the set_stats plugin to the default output. -show_custom_stats=False +;show_custom_stats=False # (string) Action to take when a module parameter value is converted to a string (this does not affect variables). For string parameters, values such as '1.00', "['a', 'b',]", and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted. # Valid options are 'error', 'warn', and 'ignore'. # Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12. -string_conversion_action=warn +;string_conversion_action=warn # (boolean) Allows disabling of warnings related to potential issues on the system running Ansible itself (not on the managed hosts). # These may include warnings about third-party packages or other conditions that should be resolved if possible. -system_warnings=True +;system_warnings=True # (string) A string to insert into target logging for tracking purposes -target_log_info= +;target_log_info= # (boolean) This option defines whether the task debugger will be invoked on a failed task when ignore_errors=True is specified. # True specifies that the debugger will honor ignore_errors, and False will not honor ignore_errors. -task_debugger_ignore_errors=True +;task_debugger_ignore_errors=True # (integer) Set the maximum time (in seconds) that a task can run for. # If set to 0 (the default) there is no timeout. -task_timeout=0 +;task_timeout=0 # (string) Make ansible transform invalid characters in group names supplied by inventory sources. -force_valid_group_names=never +;force_valid_group_names=never # (boolean) Toggles the use of persistence for connections. -use_persistent_connections=False +;use_persistent_connections=False # (bool) A toggle to disable validating a collection's 'metadata' entry for a module_defaults action group. Metadata containing unexpected fields or value types will produce a warning when this is True. -validate_action_group_metadata=True +;validate_action_group_metadata=True # (list) Accept list for variable plugins that require it. -vars_plugins_enabled=host_group_vars +;vars_plugins_enabled=host_group_vars # (list) Allows to change the group variable precedence merge order. -precedence=all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play, groups_plugins_inventory, groups_plugins_play +;precedence=all_inventory, groups_inventory, all_plugins_inventory, all_plugins_play, groups_plugins_inventory, groups_plugins_play # (string) The salt to use for the vault encryption. If it is not provided, a random salt will be used. -vault_encrypt_salt= +;vault_encrypt_salt= # (bool) Force 'verbose' option to use stderr instead of stdout -verbose_to_stderr=False +;verbose_to_stderr=False # (integer) For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), this is how long, in seconds, to wait for the task spawned by Ansible to connect back to the named pipe used on Windows systems. The default is 5 seconds. This can be too low on slower systems, or systems under heavy load. # This is not the total time an async command can run for, but is a separate timeout to wait for an async command to start. The task will only start to be timed against its async_timeout once it has connected to the pipe, so the overall maximum duration the task can take will be extended by the amount specified here. -win_async_startup_timeout=5 +;win_async_startup_timeout=5 # (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these. # This affects vars_files, include_vars, inventory and vars plugins among others. -yaml_valid_extensions=.yml, .yaml, .json +;yaml_valid_extensions=.yml, .yaml, .json + +# (bool) Toggle to control displaying markers when running in check mode. +# The markers are C(DRY RUN) at the beginning and ending of playbook execution (when calling C(ansible-playbook --check)) and C(CHECK MODE) as a suffix at every play and task that is run in check mode. +;check_mode_markers=False + +# (bool) Toggle to control whether failed and unreachable tasks are displayed to STDERR (vs. STDOUT) +;display_failed_stderr=False + +# (bool) Toggle to control displaying 'ok' task/host results in a task +;display_ok_hosts=True + +# (bool) Configure the result format to be more readable +# When O(result_format) is set to V(yaml) this option defaults to V(True), and defaults to V(False) when configured to V(json). +# Setting this option to V(True) will force V(json) and V(yaml) results to always be pretty printed regardless of verbosity. +# When set to V(True) and used with the V(yaml) result format, this option will modify module responses in an attempt to produce a more human friendly output at the expense of correctness, and should not be relied upon to aid in writing variable manipulations or conditionals. For correctness, set this option to V(False) or set O(result_format) to V(json). +;callback_format_pretty= + +# (str) Define the task result format used in the callback output. +# These formats do not cause the callback to emit valid JSON or YAML formats. +# The output contains these formats interspersed with other non-machine parsable data. +;callback_result_format=json + +# (bool) This adds output that shows when a task is started to execute for each host +;show_per_host_start=False + +# (bool) When a task fails, display the path to the file containing the failed task and the line number. This information is displayed automatically for every task when running with C(-vv) or greater verbosity. +;show_task_path_on_failure=False + +# (list) list of users to be expected to have admin privileges. This is used by the controller to determine how to share temporary files between the remote user and the become user. +;admin_users=root, toor + +# (string) Directory in which ansible will keep async job information +;async_dir=~/.ansible_async + +# (string) Checked when Ansible needs to execute a module as a different user. +# If setfacl and chown both fail and do not let the different user access the module's files, they will be chgrp'd to this group. +# In order for this to work, the remote_user and become_user must share a common group and this setting must be set to that group. +;common_remote_group= + +# (string) Temporary directory to use on targets when executing tasks. +;remote_tmp=~/.ansible/tmp + +# (list) List of valid system temporary directories on the managed machine for Ansible to validate O(remote_tmp) against, when specific permissions are needed. These must be world readable, writable, and executable. This list should only contain directories which the system administrator has pre-created with the proper ownership and permissions otherwise security issues can arise. +# When O(remote_tmp) is required to be a system temp dir and it does not match any in the list, the first one from the list will be used instead. +;system_tmpdirs=/var/tmp, /tmp + +# (boolean) This makes the temporary files created on the machine world-readable and will issue a warning instead of failing the task. +# It is useful when becoming an unprivileged user. +;allow_world_readable_tmpfiles=False [privilege_escalation] # (boolean) Display an agnostic become prompt instead of displaying a prompt containing the command line supplied become method. -agnostic_become_prompt=True +;agnostic_become_prompt=True # (boolean) When ``False``(default), Ansible will skip using become if the remote user is the same as the become user, as this is normally a redundant operation. In other words root sudo to root. # If ``True``, this forces Ansible to use the become plugin anyways as there are cases in which this is needed. -become_allow_same_user=False +;become_allow_same_user=False # (boolean) Toggles the use of privilege escalation, allowing you to 'become' another user after login. -become=False +;become=False # (boolean) Toggle to prompt for privilege escalation password. -become_ask_pass=False +;become_ask_pass=False # (string) executable to use for privilege escalation, otherwise Ansible will depend on PATH. -become_exe= +;become_exe= # (string) Flags to pass to the privilege escalation executable. -become_flags= +;become_flags= # (string) Privilege escalation method to use when `become` is enabled. -become_method=sudo +;become_method=sudo # (string) The user your login/remote user 'becomes' when using privilege escalation, most systems will use 'root' when no user is specified. -become_user=root +;become_user=root [persistent_connection] # (path) Specify where to look for the ansible-connection script. This location will be checked before searching $PATH. # If null, ansible will start with the same directory as the ansible script. -ansible_connection_path= +;ansible_connection_path= # (int) This controls the amount of time to wait for a response from a remote device before timing out a persistent connection. -command_timeout=30 +;command_timeout=30 # (integer) This controls the retry timeout for persistent connection to connect to the local domain socket. -connect_retry_timeout=15 +;connect_retry_timeout=15 # (integer) This controls how long the persistent connection will remain idle before it is destroyed. -connect_timeout=30 +;connect_timeout=30 # (path) Path to the socket to be used by the connection persistence system. -control_path_dir= +;control_path_dir=/var/home/phreed/.ansible/pc [connection] @@ -484,215 +533,448 @@ control_path_dir= # It can result in a very significant performance improvement when enabled. # However this conflicts with privilege escalation (become). For example, when using 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all managed hosts, which is why it is disabled by default. # This setting will be disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled. -pipelining=False +;pipelining=False [colors] # (string) Defines the color to use on 'Changed' task status. -changed=yellow +;changed=yellow # (string) Defines the default color to use for ansible-console. -console_prompt=white +;console_prompt=white # (string) Defines the color to use when emitting debug messages. -debug=dark gray +;debug=dark gray # (string) Defines the color to use when emitting deprecation messages. -deprecate=purple +;deprecate=purple # (string) Defines the color to use when showing added lines in diffs. -diff_add=green +;diff_add=green # (string) Defines the color to use when showing diffs. -diff_lines=cyan +;diff_lines=cyan # (string) Defines the color to use when showing removed lines in diffs. -diff_remove=red +;diff_remove=red # (string) Defines the color to use when emitting error messages. -error=red +;error=red # (string) Defines the color to use for highlighting. -highlight=white +;highlight=white # (string) Defines the color to use when showing 'OK' task status. -ok=green +;ok=green # (string) Defines the color to use when showing 'Skipped' task status. -skip=cyan +;skip=cyan # (string) Defines the color to use on 'Unreachable' status. -unreachable=bright red +;unreachable=bright red # (string) Defines the color to use when emitting verbose messages. In other words, those that show with '-v's. -verbose=blue +;verbose=blue # (string) Defines the color to use when emitting warning messages. -warn=bright purple +;warn=bright purple [selinux] # (boolean) This setting causes libvirt to connect to LXC containers by passing ``--noseclabel`` parameter to ``virsh`` command. This is necessary when running on systems which do not have SELinux. -libvirt_lxc_noseclabel=False +;libvirt_lxc_noseclabel=False # (list) Some filesystems do not support safe operations and/or return inconsistent errors, this setting makes Ansible 'tolerate' those in the list without causing fatal errors. # Data corruption may occur and writes are not always verified when a filesystem is in the list. -special_context_filesystems=fuse, nfs, vboxsf, ramfs, 9p, vfat +;special_context_filesystems=fuse, nfs, vboxsf, ramfs, 9p, vfat [diff] # (bool) Configuration toggle to tell modules to show differences when in 'changed' status, equivalent to ``--diff``. -always=False +;always=False # (integer) Number of lines of context to show when displaying the differences between files. -context=3 +;context=3 [galaxy] # (path) The directory that stores cached responses from a Galaxy server. # This is only used by the ``ansible-galaxy collection install`` and ``download`` commands. # Cache files inside this dir will be ignored if they are world writable. -cache_dir= +;cache_dir=/var/home/phreed/.ansible/galaxy_cache # (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`. -collections_path_warning=True +;collections_path_warning=True # (path) Collection skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy collection``, same as ``--collection-skeleton``. -collection_skeleton= +;collection_skeleton= # (list) patterns of files to ignore inside a Galaxy collection skeleton directory. -collection_skeleton_ignore=^.git$, ^.*/.git_keep$ +;collection_skeleton_ignore=^.git$, ^.*/.git_keep$ # (bool) Disable GPG signature verification during collection installation. -disable_gpg_verify=False +;disable_gpg_verify=False # (bool) Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues on certain displays or when outputting the stdout to a file. # This config option controls whether the display wheel is shown or not. # The default is to show the display wheel if stdout has a tty. -display_progress= +;display_progress= # (path) Configure the keyring used for GPG signature verification during collection installation and verification. -gpg_keyring= +;gpg_keyring= # (boolean) If set to yes, ansible-galaxy will not validate TLS certificates. This can be useful for testing against a server with a self-signed certificate. -ignore_certs= +;ignore_certs= -# (list) A list of GPG status codes to ignore during GPG signature verification. -# See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. -# If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, -# signature verification will fail even if all error codes are ignored. -; ignore_signature_status_codes= +# (list) A list of GPG status codes to ignore during GPG signature verification. See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) for status code descriptions. +# If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, signature verification will fail even if all error codes are ignored. +;ignore_signature_status_codes= # (str) The number of signatures that must be successful during GPG signature verification while installing or verifying collections. # This should be a positive integer or all to indicate all signatures must successfully validate the collection. # Prepend + to the value to fail if no valid signatures are found for the collection. -required_valid_signature_count=1 +;required_valid_signature_count=1 # (path) Role skeleton directory to use as a template for the ``init`` action in ``ansible-galaxy``/``ansible-galaxy role``, same as ``--role-skeleton``. -role_skeleton= +;role_skeleton= # (list) patterns of files to ignore inside a Galaxy role or collection skeleton directory. -role_skeleton_ignore=^.git$, ^.*/.git_keep$ +;role_skeleton_ignore=^.git$, ^.*/.git_keep$ # (string) URL to prepend when roles don't specify the full URI, assume they are referencing this server as the source. -server=https://galaxy.ansible.com +;server=https://galaxy.ansible.com # (list) A list of Galaxy servers to use when installing a collection. # The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which defines the server details. # See :ref:`galaxy_server_config` for more details on how to define a Galaxy server. # The order of servers in this list is used as the order in which a collection is resolved. # Setting this config option will ignore the :ref:`galaxy_server` config option. -server_list= +;server_list= # (int) The default timeout for Galaxy API calls. Galaxy servers that don't configure a specific timeout will fall back to this value. -server_timeout=60 +;server_timeout=60 # (path) Local path to galaxy access token file -token_path= +;token_path=/var/home/phreed/.ansible/galaxy_token [inventory] # (string) This setting changes the behaviour of mismatched host patterns, it allows you to force a fatal error, a warning or just ignore it. -host_pattern_mismatch=warning +;host_pattern_mismatch=warning # (boolean) If 'true', it is a fatal error when any given inventory source cannot be successfully parsed by any available inventory plugin; otherwise, this situation only attracts a warning. -any_unparsed_is_failed=False +;any_unparsed_is_failed=False # (bool) Toggle to turn on inventory caching. # This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. # The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory configuration. # This message will be removed in 2.16. -cache=False +;cache=False # (string) The plugin for caching inventory. # This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. # The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. # This message will be removed in 2.16. -cache_plugin= +;cache_plugin= # (string) The inventory cache connection. # This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. # The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. # This message will be removed in 2.16. -cache_connection= +;cache_connection= # (string) The table prefix for the cache plugin. # This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. # The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. # This message will be removed in 2.16. -cache_prefix=ansible_inventory_ +;cache_prefix=ansible_inventory_ # (string) Expiration timeout for the inventory cache plugin data. # This setting has been moved to the individual inventory plugins as a plugin option :ref:`inventory_plugins`. # The existing configuration settings are still accepted with the inventory plugin adding additional options from inventory and fact cache configuration. # This message will be removed in 2.16. -cache_timeout=3600 +;cache_timeout=3600 # (list) List of enabled inventory plugins, it also determines the order in which they are used. -enable_plugins=host_list, script, auto, yaml, ini, toml +;enable_plugins=host_list, script, auto, yaml, ini, toml # (bool) Controls if ansible-inventory will accurately reflect Ansible's view into inventory or its optimized for exporting. -export=False +;export=False # (list) List of extensions to ignore when using a directory as an inventory source. -ignore_extensions=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .orig, .ini, .cfg, .retry +;ignore_extensions=.pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, .rst, .orig, .ini, .cfg, .retry # (list) List of patterns to ignore when using a directory as an inventory source. -ignore_patterns= +;ignore_patterns= # (bool) If 'true' it is a fatal error if every single potential inventory source fails to parse, otherwise, this situation will only attract a warning. -unparsed_is_failed=False +;unparsed_is_failed=False # (boolean) By default, Ansible will issue a warning when no inventory was loaded and notes that it will use an implicit localhost-only inventory. # These warnings can be silenced by adjusting this setting to False. -inventory_unparsed_warning=True +;inventory_unparsed_warning=True [netconf_connection] # (string) This variable is used to enable bastion/jump host with netconf connection. If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config file, alternatively it can be set to custom ssh configuration file path to read the bastion/jump host settings. -ssh_config= +;ssh_config= [paramiko_connection] # (boolean) TODO: write it -host_key_auto_add=False +;host_key_auto_add=False # (boolean) TODO: write it -look_for_keys=True +;look_for_keys=True + +# (float) Configures, in seconds, the amount of time to wait for the SSH banner to be presented. This option is supported by paramiko version 1.15.0 or newer. +;banner_timeout=30 + +# (boolean) Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host +;host_key_checking=True + +# (int) Remote port to connect to. +;remote_port=22 + +# (string) Path to private key file to use for authentication. +;private_key_file= + +# (string) Proxy information for running the connection via a jumphost +# Also this plugin will scan 'ssh_args', 'ssh_extra_args' and 'ssh_common_args' from the 'ssh' plugin settings for proxy information if set. +;proxy_command= + +# (boolean) SUDO usually requires a PTY, True to give a PTY and False to not give a PTY. +;pty=True + +# (boolean) Save the host keys to a file +;record_host_keys=True + +# (string) User to login/authenticate as +# Can be set from the CLI via the C(--user) or C(-u) options. +;remote_user= + +# (int) Number of seconds until the plugin gives up on failing to establish a TCP connection. +;timeout=10 + +# (boolean) Whether or not to enable RSA SHA2 algorithms for pubkeys and hostkeys +# On paramiko versions older than 2.9, this only affects hostkeys +# For behavior matching paramiko<2.9 set this to V(False) +;use_rsa_sha2_algorithms=True [jinja2] # (list) This list of filters avoids 'type conversion' when templating variables. # Useful when you want to avoid conversion into lists or dictionaries for JSON strings, for example. -dont_type_filters=string, to_json, to_nice_json, to_yaml, to_nice_yaml, ppretty, json +;dont_type_filters=string, to_json, to_nice_json, to_yaml, to_nice_yaml, ppretty, json [tags] # (list) default list of tags to run in your plays, Skip Tags has precedence. -run= +;run= # (list) default list of tags to skip in your plays, has precedence over Run Tags -skip= +;skip= + + +[runas_become_plugin] +# (string) Options to pass to runas, a space delimited list of k=v pairs +;flags= + +# (string) password +;password= + +# (string) User you 'become' to execute the task +;user= + + +[su_become_plugin] +# (string) Su executable +;executable=su + +# (string) Options to pass to su +;flags= + +# (string) Password to pass to su +;password= + +# (string) User you 'become' to execute the task +;user=root + +# (list) List of localized strings to match for prompt detection +# If empty we'll use the built in one +# Do NOT add a colon (:) to your custom entries. Ansible adds a colon at the end of each prompt; if you add another one in your string, your prompt will fail with a "Timeout" error. +;localized_prompts= + + +[sudo_become_plugin] +# (string) Sudo executable +;executable=sudo + +# (string) Options to pass to sudo +;flags=-H -S -n + +# (string) Password to pass to sudo +;password= + +# (string) User you 'become' to execute the task +;user=root + + +[callback_tree] +# (path) directory that will contain the per host JSON files. Also set by the C(--tree) option when using adhoc. +;directory=~/.ansible/tree + + +[ssh_connection] +# (string) Only used in parsing ProxyCommand for use in this plugin. +;ssh_args= + +# (string) Only used in parsing ProxyCommand for use in this plugin. +;ssh_common_args= + +# (string) Only used in parsing ProxyCommand for use in this plugin. +;ssh_extra_args= + +# (string) This is the location to save SSH's ControlPath sockets, it uses SSH's variable substitution. +# Since 2.3, if null (default), ansible will generate a unique hash. Use ``%(directory)s`` to indicate where to use the control dir path setting. +# Before 2.3 it defaulted to ``control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r``. +# Be aware that this setting is ignored if C(-o ControlPath) is set in ssh args. +;control_path= + +# (string) This sets the directory to use for ssh control path if the control path setting is null. +# Also, provides the ``%(directory)s`` variable for the control path setting. +;control_path_dir=~/.ansible/cp + +# (boolean) Determines if SSH should reject or not a connection after checking host keys. +;host_key_checking=True + +# (boolean) Pipelining reduces the number of connection operations required to execute a module on the remote server, by executing many Ansible modules without actual file transfers. +# This can result in a very significant performance improvement when enabled. +# However this can conflict with privilege escalation (become). For example, when using sudo operations you must first disable 'requiretty' in the sudoers file for the target hosts, which is why this feature is disabled by default. +;pipelining=False + +# (string) PKCS11 SmartCard provider such as opensc, example: /usr/local/lib/opensc-pkcs11.so +# Requires sshpass version 1.06+, sshpass must support the -P option. +;pkcs11_provider= + +# (integer) Number of attempts to connect. +# Ansible retries connections only if it gets an SSH error with a return code of 255. +# Any errors with return codes other than 255 indicate an issue with program execution. +;retries=0 + +# (string) This defines the location of the scp binary. It defaults to V(scp) which will use the first binary available in $PATH. +;scp_executable=scp + +# (string) Extra exclusive to the C(scp) CLI +;scp_extra_args= + +# (bool) TODO: write it +;sftp_batch_mode=True + +# (string) This defines the location of the sftp binary. It defaults to V(sftp) which will use the first binary available in $PATH. +;sftp_executable=sftp + +# (string) Extra exclusive to the C(sftp) CLI +;sftp_extra_args= + +# (string) This defines the location of the SSH binary. It defaults to V(ssh) which will use the first SSH binary available in $PATH. +# This option is usually not required, it might be useful when access to system SSH is restricted, or when using SSH wrappers to connect to remote hosts. +;ssh_executable=ssh + +# (string) Preferred method to use when transferring files over ssh +;transfer_method=smart + +# (string) Password prompt that sshpass should search for. Supported by sshpass 1.06 and up. +# Defaults to C(Enter PIN for) when pkcs11_provider is set. +;sshpass_prompt= + +# (integer) This is the default amount of time we will wait while establishing an SSH connection. +# It also controls how long we can wait to access reading the connection once established (select on the socket). +;timeout=10 + +# (bool) add -tt to ssh commands to force tty allocation. +;usetty=True + + +[winrm] +# (list) A list of environment variables to pass through to C(kinit) when getting the Kerberos authentication ticket. +# By default no environment variables are passed through and C(kinit) is run with a blank slate. +# The environment variable C(KRB5CCNAME) cannot be specified here as it's used to store the temp Kerberos ticket used by WinRM. +;kinit_env_vars= + + +[inventory_plugins] +# (bool) Merge extra vars into the available variables for composition (highest precedence). +;use_extra_vars=False + + +[inventory_plugin_script] +# (boolean) Toggle display of stderr even when script was successful +;always_show_stderr=True + + +[inventory_plugin_yaml] +# (list) list of 'valid' extensions for files containing YAML +;yaml_valid_extensions=.yaml, .yml, .json + + +[url_lookup] +# (string) String of file system path to CA cert bundle to use +;ca_path= + +# (list) SSL/TLS Ciphers to use for the request +# When a list is provided, all ciphers are joined in order with C(:) +# See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT) for more details. +# The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions +;ciphers= + +# (string) String of urllib2, all/yes, safe, none to determine how redirects are followed +;follow_redirects=urllib2 + +# (boolean) Whether or not to set "cache-control" header with value "no-cache" +;force=False + +# (boolean) Force basic authentication +;force_basic_auth=False + +# (string) User-Agent to use in the request. The default was changed in 2.11 to V(ansible-httpget). +;agent=ansible-httpget + +# (float) How long to wait for the server to send data before giving up +;timeout=10 + +# (string) String of file system path to unix socket file to use when establishing connection to the provided url +;unix_socket= + +# (list) A list of headers to not attach on a redirected request +;unredirected_headers= + +# (boolean) Use GSSAPI handler of requests +# As of Ansible 2.11, GSSAPI credentials can be specified with O(username) and O(password). +;use_gssapi=False + +# (boolean) Determining whether to use credentials from ``~/.netrc`` file +# By default .netrc is used with Basic authentication headers +# When set to False, .netrc credentials are ignored +;use_netrc=True + + +[powershell] +# (string) Directory in which ansible will keep async job information. +# Before Ansible 2.8, this was set to C(remote_tmp + "\.ansible_async"). +;async_dir=%USERPROFILE%\.ansible_async + +# (string) Temporary directory to use on targets when copying files to the host. +;remote_tmp=%TEMP% + + +[vars_host_group_vars] +# (str) Control when this vars plugin may be executed. +# Setting this option to V(all) will run the vars plugin after importing inventory and whenever it is demanded by a task. +# Setting this option to V(task) will only run the vars plugin whenever it is demanded by a task. +# Setting this option to V(inventory) will only run the vars plugin after parsing inventory. +# If this option is omitted, the global C(RUN_VARS_PLUGINS) configuration is used to determine when to execute the vars plugin. +;stage= diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index 346422b..ccc56cb 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -79,18 +79,18 @@ wait_for: port: "{{ noderedserver_port }}" - - name: Import Node-RED FTH Config via HTTP POST - uri: - url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" - method: POST - headers: - Content-Type: application/json - Node-RED-API-Version: v1 - Node-RED-Deployment-Type: full - Authorization: Bearer {{ nodered_admin_token }} - body: nodered_global_config_flow - body_format: json - status_code: 200 + # - name: Import Node-RED FTH Config via HTTP POST + # uri: + # url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" + # method: POST + # headers: + # Content-Type: application/json + # Node-RED-API-Version: v1 + # Node-RED-Deployment-Type: full + # Authorization: Bearer {{ nodered_admin_token }} + # body: nodered_global_config_flow + # body_format: json + # status_code: 200 - name: Import FTH Videochecker flow via HTTP POST uri: From 3f6ed377685eb01a80441043ea2819f4c4653ad7 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Thu, 17 Oct 2024 17:07:09 -0500 Subject: [PATCH 79/80] waiting for new videochecker flow --- roles/nodered/tasks/configure-Ubuntu.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index ccc56cb..8607d5c 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -101,7 +101,8 @@ Node-RED-API-Version: v1 Node-RED-Deployment-Type: full Authorization: Bearer {{ nodered_admin_token }} - body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker_n3.json') }}" + # body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker_n3.json') }}" + body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker.json') }}" body_format: json status_code: 200 From 9acba631949be08ef3f49e93673677cc748e39c0 Mon Sep 17 00:00:00 2001 From: Fredrick Eisele Date: Fri, 18 Oct 2024 08:53:15 -0500 Subject: [PATCH 80/80] do not stop processing just because a flow could not be set --- roles/nodered/tasks/configure-Ubuntu.yml | 28 ++++++++++++++---------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/roles/nodered/tasks/configure-Ubuntu.yml b/roles/nodered/tasks/configure-Ubuntu.yml index 8607d5c..6cd4526 100644 --- a/roles/nodered/tasks/configure-Ubuntu.yml +++ b/roles/nodered/tasks/configure-Ubuntu.yml @@ -79,18 +79,19 @@ wait_for: port: "{{ noderedserver_port }}" - # - name: Import Node-RED FTH Config via HTTP POST - # uri: - # url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" - # method: POST - # headers: - # Content-Type: application/json - # Node-RED-API-Version: v1 - # Node-RED-Deployment-Type: full - # Authorization: Bearer {{ nodered_admin_token }} - # body: nodered_global_config_flow - # body_format: json - # status_code: 200 + - name: Import Node-RED FTH Config via HTTP POST + uri: + url: "http://{{ noderedserver_ipv4 }}:{{ noderedserver_port }}/flow" + method: POST + headers: + Content-Type: application/json + Node-RED-API-Version: v1 + Node-RED-Deployment-Type: full + Authorization: Bearer {{ nodered_admin_token }} + body: nodered_global_config_flow + body_format: json + status_code: 200 + ignore_errors: true - name: Import FTH Videochecker flow via HTTP POST uri: @@ -105,6 +106,7 @@ body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_VideoChecker/freetakhub_videochecker.json') }}" body_format: json status_code: 200 + ignore_errors: true - name: Import FTH SALUTE flow via HTTP POST uri: @@ -118,6 +120,7 @@ body: "{{ lookup('file', playbook_dir + '/FreeTAKHub_Forms_SALUTE/freetakhub_salute.json') }}" body_format: json status_code: 200 + ignore_errors: true - name: Import FTH Webmap flow via HTTP POST uri: @@ -131,6 +134,7 @@ body: "{{ lookup('file', playbook_dir + '/FreeTAKHub-Webmap/freetakhub_webmap_v5.json') }}" body_format: json status_code: 200 + ignore_errors: true - name: Ensure reachable connection to Video Server