Install Services in Admin Console #475
Conversation
|
Works to correct the original missing var
These have gone away for some time now.
Like the look of the Services Enabled tab, but the below are not really supported anymore Moving Network Parameters off the main page is a good call. Did the custom homepage url where you can point the default landing page to something else go away? Found only one shakeout from applying #469 is when kiwix is not pre-installed, just added With local_vars initial state with 'kiwix_install: False' selecting kiwix on the 'Services Enabled' tab and then 'Save Configuration' correctly toggled the local_vars file entries but 'Install Configured Options' looks like iiab-from-console.yml is no longer being used? Is iiab-from-console.yml going away? |
|
meant to change install to make iiab-make-kiwix-lib conditional on existence of script. now done.
yes. the gui parameter was being ignored and it forces rerun of nginx role and no one has ever done it. |
Not quite true see https://github.com/iiab/iiab/blob/master/roles/nginx/tasks/homepage.yml#L1, perhaps just use 'iiab_home_url' and add www_options as the role to call? |
I think that creates a directory (actually not needed for wordpress or mwiki, and nginx creates the redirect. |
|
what about wifi_up_down and ports_externally_visible? |
|
Nowadays ports_externally_visible is read from local_vars directly by iiab-gen-iptables, radio button maybe? Now wifi_up_down could be exposed but the current wifi network layout should be torn down first with iiab-hotspot-off before toggling the value, (the templates iiab-hotspot* are specific to the mode selected containing different commands) then running the role to slide the revised templates into place. I see no problem running these 2 parts in that order from cmd-serve, would be subject to the same restrictions now, connections across wifi might go away and if changing modes a reboot might be needed as noted in the templates. |
Think that is a bit of confusion by the maintainer as to what rewrite does in the template, later grew the mkdir part at some point, but I agree just the rewrite from the iiab.conf.j2 template in homepage.yml is all that is needed. |
|
what about iiab_gateway_enabled? Is it set when mode is gateway? I don't think it used to be when there was a passthru variable. |
|
iiab_gateway_enabled written to iiab.env in the role or by iiab-internet-off|on sourced by iiab-gen-iptables. The default is False and would require a lan device to be declared in iiab.env to become active and write the masq rule if set to True. |
yes |
so does network mode = Gateway mean anything? |
|
'network mode =' is a little vague, Gateway should imply an active route to the WAN with hardware to support a LAN. Forwarding from the LAN to WAN is optional. /etc/iiab/iiab.env IIAB_GATEWAY_ENABLED= is what is acted upon by iiab-gen-iptables as to include or exclude the MASQ rule to allow traffic to flow if you have the interfaces present via IIAB_WAN_DEVICE= IIAB_LAN_DEVICE= /etc/iiab/iiab.ini "computed_network": "iiab_network_mode": is what was detected/maximum possible combo at the last run of ansible. That is the pre-population of the radio button. /etc/iiab/iiab.ini "network": "iiab_network_mode_applied": is what the machine is set to based on the lesser of iiab_network_mode is capable of and the user's wish of gui_desired_network_role. If the hardware can do 'Gateway' your selection can be 'Appliance', which should be applied. If your hardware can only do 'Appliance' and 'Gateway' is selected the gui_desired_network_role option should be ignored. |
|
I think what you described is what I expected, which I take to mean that adm cons should only set gui_desired_network_role and not iiab_gateway_enabled. |
|
The meaning of 'Gateway' became blurred with iiab/#1352 with the change in automatic forwarding to being opt-in. The difference is the default layout is more of a 'dual-interface no forwarding' with the option to be a 'Gateway'. Think having iiab_gateway_enabled exposed is a valid use case, "Enable traffic from LAN to WAN", just a tick box under the radio button should be enough. |
roles/console/files/help/Config.rst
Outdated
| The last filter is based not on URLs, but on **Words in the Content**. | ||
|
|
||
| Use your local policy to decide which of these filters to enable. |
There was a problem hiding this comment.
Should these 2 lines be removed or revised?
And Line 164's "it can filter the sites that students are permitted to access in three ways" be revised accordingly?
|
@holta thanks, missed it. |
|
@jvonau thanks for all your help. think this is getting close. |
|
I'm inclined to remove calibre and only leave calibre-web |
That seems fine. As folks who really want all of Calibre's ebook tools (like ebook-convert that Calibre-Web can use, and calibredb to import ebooks) should probably be using a graphical desktop OS, and would be wise to arrange this in advance. |
|
Tested on Deb11 VM, rpi on wan, and rpi on lan |
No description provided.