I changed my script to do my tests:
- hosts: ra*****.********.org
roles:
- openwisp.openwisp2
vars:
openwisp2_default_from_email: "advertise@ra*****.********.org"
openwisp2_time_zone: Europe/Paris
openwisp2_allowed_hosts:
- ra*****.********.org
openwisp2_utils_pip:
https://github.com/openwisp/openwisp-utils/tarball/master
openwisp2_users_pip:
https://github.com/openwisp/openwisp-users/tarball/master
openwisp2_extra_python_packages:
# monitoring
- https://github.com/openwisp/openwisp-radius/tarball/master
- django-cors-headers
openwisp2_extra_django_settings_instructions:
# monitoring settings
- |
# openwisp-radius, registration, CORS
INSTALLED_APPS += [
'corsheaders',
'django_filters',
'rest_framework.authtoken',
'rest_auth',
'rest_auth.registration',
'openwisp_radius',
]
OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['ra*****.********.org']
# CORS
MIDDLEWARE.insert(
MIDDLEWARE.index('django.middleware.common.CommonMiddleware'),
'corsheaders.middleware.CorsMiddleware'
)
CORS_ORIGIN_WHITELIST = ('comlight.org')
CORS_ALLOW_METHODS = ('POST',)
# REST API
INSTALLED_APPS += [
'drf_yasg',
]
OPENWISP_USERS_AUTH_API = True
openwisp2_extra_urls:
- "url(r'^', include('openwisp_radius.urls'))"
- "url(r'^api/v1/', include('openwisp_utils.api.urls'))"
- "url(r'^api/v1/', include('openwisp_users.api.urls'))"
freeradius_dir: /etc/freeradius/3.0
freeradius_mods_available_dir: "{{ freeradius_dir }}/mods-available"
freeradius_mods_enabled_dir: "{{ freeradius_dir }}/mods-enabled"
freeradius_sites_available_dir: "{{ freeradius_dir }}/sites-available"
freeradius_sites_enabled_dir: "{{ freeradius_dir }}/sites-enabled"
freeradius_certs_dir: "{{ freeradius_dir }}/certs"
freeradius_sql:
driver: rlm_sql_mysql
dialect: mysql
host: ***.***.***.***
port: 3306
name: "*******"
user: "******"
password: "*******"
freeradius_rest:
url: https://ra*****.********.org/api/v1/freeradius
pre_tasks:
# openwisp-radius
- name: Install cairo
apt:
name:
- libcairo2
- libpango-1.0-0
- libpangocairo-1.0-0
- libgdk-pixbuf2.0-0
- shared-mime-info
update_cache: yes
tags: [openwisp2, radius]
- name: Freeradius system packages
apt:
name:
- freeradius
- freeradius-mysql
- freeradius-rest
state: latest
notify: stop freeradius
Now my installation is running without ending, the last message is:
TASK [openwisp.openwisp2 : Install openwisp2 controller and its
dependencies] **************************************************************
The full log:
PLAY [ra*****.********.org]
*********************************************************************************************************************************************************************************
TASK [Gathering Facts]
***************************************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Install cairo]
*****************************************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Freeradius system packages]
****************************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Stouts.postfix : include_tasks]
************************************************************************************************************************************************************************
included: /root/.ansible/roles/Stouts.postfix/tasks/postfix.yml for
ra*****.********.org
TASK [Stouts.postfix : Install requirements (Debian)]
********************************************************************************************************************************************************
[DEPRECATION WARNING]: Invoking "apt" only once while using a loop via
squash_actions is deprecated. Instead of using a loop to supply multiple
items and specifying `name: "{{item}}"`, please use `name:
['postfix', 'ca-certificates', 'mailutils', 'libsasl2-modules']` and remove
the loop. This feature will be removed in version 2.11. Deprecation
warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
ok: [ra*****.********.org] => (item=['postfix', 'ca-certificates',
'mailutils', 'libsasl2-modules'])
TASK [Stouts.postfix : Install DKIM requirements (Debian)]
***************************************************************************************************************************************************
[DEPRECATION WARNING]: Invoking "apt" only once while using a loop via
squash_actions is deprecated. Instead of using a loop to supply multiple
items and specifying `name: "{{item}}"`, please use `name:
['opendkim', 'opendkim-tools']` and remove the loop. This feature will be
removed in version 2.11. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
skipping: [ra*****.********.org] => (item=[])
TASK [Stouts.postfix : Install postfix-pcre]
*****************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Install requirements (RedHat)]
********************************************************************************************************************************************************
skipping: [ra*****.********.org] => (item=postfix)
skipping: [ra*****.********.org] => (item=ca-certificates)
skipping: [ra*****.********.org] => (item=mailx)
skipping: [ra*****.********.org] => (item=libselinux-python)
TASK [Stouts.postfix : Install DKIM requirements (RedHat)]
***************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : create self-signed SSL cert]
**********************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : set permissions for self-signed SSL cert]
*********************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : set permissions for self-signed SSL key]
**********************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Create DKIM directories]
**************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Create DKIM directories]
**************************************************************************************************************************************************************
skipping: [ra*****.********.org] => (item=ra*****.********.org)
TASK [Stouts.postfix : Generate DKIM key]
********************************************************************************************************************************************************************
skipping: [ra*****.********.org] => (item=ra*****.********.org)
TASK [Stouts.postfix : Change DKIM key permissions]
**********************************************************************************************************************************************************
skipping: [ra*****.********.org] => (item=ra*****.********.org)
TASK [Stouts.postfix : Configure opendkim pt. 1]
*************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure opendkim pt. 2]
*************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure opendkim pt. 3]
*************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure opendkim pt. 4]
*************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure opendkim pt. 5]
*************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Ensure /etc/postfix directory is owned by root user]
**********************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix pt. 1]
**************************************************************************************************************************************************************
ok: [ra*****.********.org] => (item=main.cf)
ok: [ra*****.********.org] => (item=master.cf)
TASK [Stouts.postfix : Configure postfix pt. 2]
**************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix pt. 3]
**************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix pt. 4]
**************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix pt. 5]
**************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix pt. 6]
**************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix local user relay]
***************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure postfix sender canonical maps]
**********************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Configure SystemD]
********************************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Ensure Postfix service is enabled (systemd)]
******************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [Stouts.postfix : Ensure Postfix is started]
************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Set supervisor path (Debian)]
*****************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Set www user (Debian)]
************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Set spatialite_path (Ubuntu >= 18.04 or Debian
>= 10)]
****************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Update APT package cache]
*********************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install system packages]
**********************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install redis 5 if available]
*****************************************************************************************************************************************************
fatal: [ra*****.********.org]: FAILED! => {"cache_update_time": 1607350510,
"cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o
\"Dpkg::Options::=--force-confdef\" -o
\"Dpkg::Options::=--force-confold\" install 'redis-server=5:5*''
failed: E: Version '5:5*' for 'redis-server' was not found\n", "rc": 100,
"stderr": "E: Version '5:5*' for 'redis-server' was not found\n",
"stderr_lines": ["E: Version '5:5*' for 'redis-server' was not found"],
"stdout": "Reading package lists...\nBuilding dependency tree...\nReading
state information...\n", "stdout_lines": ["Reading package lists...",
"Building dependency tree...", "Reading state information..."]}
...ignoring
TASK [openwisp.openwisp2 : Install redis 4 (fallback)]
*******************************************************************************************************************************************************
fatal: [ra*****.********.org]: FAILED! => {"cache_update_time": 1607350510,
"cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o
\"Dpkg::Options::=--force-confdef\" -o
\"Dpkg::Options::=--force-confold\" install 'redis-server=5:4*''
failed: E: Version '5:4*' for 'redis-server' was not found\n", "rc": 100,
"stderr": "E: Version '5:4*' for 'redis-server' was not found\n",
"stderr_lines": ["E: Version '5:4*' for 'redis-server' was not found"],
"stdout": "Reading package lists...\nBuilding dependency tree...\nReading
state information...\n", "stdout_lines": ["Reading package lists...",
"Building dependency tree...", "Reading state information..."]}
...ignoring * ------> Installed manualy with apt-get install redis*
-y*
TASK [openwisp.openwisp2 : set redis to listen on ipv4]
******************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install spatialite]
***************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install mod-spatialite (may fail on older linux
distros)]
*************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install acl if acting as non-root user]
*******************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : ensure supervisor is started]
*****************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install python2 packages]
*********************************************************************************************************************************************************
skipping: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install python3 packages]
*********************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install ntp]
**********************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Update pip & related tools]
*******************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Remove jsonfield2]
****************************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Set openwisp2_python_packages]
****************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Set custom package list]
**********************************************************************************************************************************************************
skipping: [ra*****.********.org] => (item=False)
ok: [ra*****.********.org] =>
(item=https://github.com/openwisp/openwisp-users/tarball/master)
ok: [ra*****.********.org] =>
(item=https://github.com/openwisp/openwisp-utils/tarball/master)
skipping: [ra*****.********.org] => (item=False)
skipping: [ra*****.********.org] => (item=False)
skipping: [ra*****.********.org] => (item=False)
skipping: [ra*****.********.org] => (item=False)
TASK [openwisp.openwisp2 : Add network_topology to custom package list if
set and enabled]
*******************************************************************************************************************
skipping: [ra*****.********.org] => (item=False)
TASK [openwisp.openwisp2 : Install cryptography from pip]
****************************************************************************************************************************************************
ok: [ra*****.********.org]
TASK [openwisp.openwisp2 : Install openwisp2 controller and its
dependencies] *******************************************************
Le mercredi 2 décembre 2020 à 16:20:01 UTC+1, [email protected] a
écrit :
> Welcome!
>
> You need to add a template in templates/freeradius/sql.j2 and use a
> configuration that suits you.
>
> Adding support for openwisp-radius to ansible-openwisp2 is in the works:
> https://github.com/openwisp/ansible-openwisp2/pull/223.
>
> The example I shared on this ML is a base which can be used to build a
> configuration that works, but it's not a fully working configuration.
> The playbooks I have contain sensitive information of my customers and I
> can't share those, so I shared only the parts I was allowed to share.
>
> I hope this helps!
> Best regards
> Federico
>
> On Wed, Dec 2, 2020 at 10:13 AM Racamier Stéphane <[email protected]>
> wrote:
>
>>
>> Hi,
>>
>> From 2 week i work to set up a server with openwisp2 and freeradius3. I
>> saw several tutorials (ansible and python venv), I would like to install a
>> stable version using ansible and deport the DB to a mariaDB server.
>>
>> I found this in the mailing list:
>>
>> - hosts: ra******5.*******.org
>> roles:
>> - openwisp.openwisp2
>>
>> vars:
>> openwisp2_default_from_email: "advertise@ra******5.********.org"
>> openwisp2_time_zone: Europe/Paris
>> openwisp2_allowed_hosts:
>> - ra*******5.********.org
>>
>> openwisp2_utils_pip:
>> https://github.com/openwisp/openwisp-utils/tarball/master
>> openwisp2_users_pip:
>> https://github.com/openwisp/openwisp-users/tarball/master
>> openwisp2_extra_python_packages:
>> # monitoring
>> - https://github.com/openwisp/openwisp-radius/tarball/master
>> - django-cors-headers
>> openwisp2_extra_django_settings_instructions:
>> # monitoring settings
>> - |
>> # openwisp-radius, registration, CORS
>> INSTALLED_APPS += [
>> 'corsheaders',
>> 'django_filters',
>> 'rest_framework.authtoken',
>> 'rest_auth',
>> 'rest_auth.registration',
>> 'openwisp_radius',
>> ]
>> OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['ra*****5.******.org']
>>
>> # CORS
>> MIDDLEWARE.insert(
>> MIDDLEWARE.index('django.middleware.common.CommonMiddleware'),
>> 'corsheaders.middleware.CorsMiddleware'
>> )
>> CORS_ORIGIN_WHITELIST = ('comlight.org')
>> CORS_ALLOW_METHODS = ('POST',)
>>
>> # REST API
>> INSTALLED_APPS += [
>> 'drf_yasg',
>> ]
>> OPENWISP_USERS_AUTH_API = True
>> openwisp2_extra_urls:
>> - "url(r'^', include('openwisp_radius.urls'))"
>> - "url(r'^api/v1/', include('openwisp_utils.api.urls'))"
>> - "url(r'^api/v1/', include('openwisp_users.api.urls'))"
>> freeradius_dir: /etc/freeradius/3.0
>> freeradius_mods_available_dir: "{{ freeradius_dir }}/mods-available"
>> freeradius_mods_enabled_dir: "{{ freeradius_dir }}/mods-enabled"
>> freeradius_sites_available_dir: "{{ freeradius_dir }}/sites-available"
>> freeradius_sites_enabled_dir: "{{ freeradius_dir }}/sites-enabled"
>> freeradius_certs_dir: "{{ freeradius_dir }}/certs"
>> freeradius_sql:
>> driver: rlm_sql_mysql
>> dialect: mysql
>> host: ***.***.***.***
>> port: 3306
>> name: "******"
>> user: "******"
>> password: "*******"
>> freeradius_rest:
>> url: https://radius05.comlight.org/api/v1/freeradius
>> pre_tasks:
>> # openwisp-radius
>> - name: Install cairo
>> apt:
>> name:
>> - libcairo2
>> - libpango-1.0-0
>> - libpangocairo-1.0-0
>> - libgdk-pixbuf2.0-0
>> - shared-mime-info
>> update_cache: yes
>> tags: [openwisp2, radius]
>>
>> - name: Freeradius system packages
>> apt:
>> name:
>> - freeradius
>> - freeradius-mysql
>> - freeradius-rest
>> state: latest
>> notify: restart freeradius
>> - name: SQL Configuration
>> template:
>> src: freeradius/sql.j2
>> dest: "{{ freeradius_mods_available_dir }}/sql"
>> mode: 0640
>> owner: freerad
>> group: freerad
>> notify: restart freeradius
>> - name: Enable SQL module
>> file:
>> src: "{{ freeradius_mods_available_dir }}/sql"
>> dest: "{{ freeradius_mods_enabled_dir }}/sql"
>> state: link
>> mode: 0640
>> owner: freerad
>> group: freerad
>> - name: SQL Counter module
>> template:
>> src: freeradius/sqlcounter.j2
>> dest: "{{ freeradius_mods_available_dir }}/sqlcounter"
>> mode: 0640
>> owner: freerad
>> group: freerad
>> notify: restart freeradius
>> - name: Enable SQL Counter module
>> file:
>> src: "{{ freeradius_mods_available_dir }}/sqlcounter"
>> dest: "{{ freeradius_mods_enabled_dir }}/sqlcounter"
>> state: link
>> mode: 0640
>> owner: freerad
>> group: freerad
>> - name: Fix dailycounter.conf
>> copy:
>> src: freeradius/dailycounter.conf
>> dest: "{{ freeradius_dir
>> }}/mods-config/sql/counter/postgresql/dailycounter.conf"
>> mode: 0640
>> owner: freerad
>> group: freerad
>> notify: restart freeradius
>> - name: REST Configuration
>> template:
>> src: freeradius/rest.j2
>> dest: "{{ freeradius_mods_available_dir }}/rest"
>> mode: 0640
>> owner: freerad
>> group: freerad
>> notify: restart freeradius
>> - name: Enable REST module
>> file:
>> src: "{{ freeradius_mods_available_dir }}/rest"
>> dest: "{{ freeradius_mods_enabled_dir }}/rest"
>> state: link
>> mode: 0640
>> owner: freerad
>> group: freerad
>> - name: Remove default site
>> file:
>> dest: "{{ freeradius_sites_enabled_dir }}/default"
>> state: absent
>> - name: Ensure inner-tunnel site is present
>> file:
>> src: "{{ freeradius_sites_available_dir }}/inner-tunnel"
>> dest: "{{ freeradius_sites_enabled_dir }}/inner-tunnel"
>> state: link
>> mode: 0640
>> owner: freerad
>> group: freerad
>> - name: Captive portal configuration
>> template:
>> src: freeradius/captiveportal.j2
>> dest: "{{ freeradius_sites_available_dir }}/captiveportal"
>> mode: 0640
>> owner: freerad
>> group: freerad
>> notify: restart freeradius
>> tags: [radius]
>> - file:
>> src: "{{ freeradius_sites_available_dir }}/captiveportal"
>> dest: "{{ freeradius_sites_enabled_dir }}/captiveportal"
>> state: link
>> mode: 0640
>> owner: freerad
>> group: freerad
>> tags: [radius]
>> # openwisp-radius cron jobs
>> - name: delete_old_radacct
>> cron:
>> name: delete_old_radacct
>> day: "*"
>> hour: 05
>> minute: 30
>> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
>> delete_old_radacct 730"
>> tags: [openwisp2, radius]
>> - name: delete_old_postauth
>> cron:
>> name: delete_old_postauth
>> day: "*"
>> hour: 05
>> minute: 0
>> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
>> delete_old_postauth 365"
>> tags: [openwisp2, radius]
>> - name: cleanup_stale_radacct
>> cron:
>> name: cleanup_stale_radacct
>> day: "*"
>> hour: 04
>> minute: 0
>> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
>> cleanup_stale_radacct 1"
>> tags: [openwisp2, radius]
>> - name: deactivate_expired_users
>> cron:
>> name: deactivate_expired_users
>> day: "*"
>> hour: "*"
>> minute: "*/5"
>> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
>> deactivate_expired_users"
>> tags: [openwisp2, radius]
>> - name: delete_old_users
>> cron:
>> name: delete_old_users
>> day: "*"
>> hour: "03"
>> minute: "30"
>> job: "/opt/openwisp2/env/bin/python /opt/openwisp2/manage.py
>> delete_old_users"
>> tags: [openwisp2, radius]
>>
>> And i have this error:
>>
>>
>> root@ra******5:~/openwisp2-ansible-playbook# ansible-playbook -i hosts
>> playbook.yml -k
>> SSH password:
>>
>> PLAY [ra*****5.******.org]
>> *************************************************************************************************
>>
>> TASK [Gathering Facts]
>> *******************************************************************************************************
>> ok: [ra******5.*****.org]
>>
>> TASK [Install cairo]
>> *********************************************************************************************************
>> ok: [ra********5.*******.org]
>>
>> TASK [Freeradius system packages]
>> ********************************************************************************************
>> ok: [ra******5.******.org]
>>
>> TASK [SQL Configuration]
>> *****************************************************************************************************
>> fatal: [ra******5.********.org]: FAILED! => {"changed": false, "msg":
>> "Could not find or access 'freeradius/sql.j2'\nSearched
>> in:\n\t/root/openwisp2-ansible-playbook/templates/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/templates/freeradius/sql.j2\n\t/root/openwisp2-ansible-playbook/freeradius/sql.j2
>>
>> on the Ansible Controller.\nIf you are using a module and expect the file
>> to exist on the remote, see the remote_src option"}
>>
>> PLAY RECAP
>> *******************************************************************************************************************
>> ra*****5.********.org : ok=3 changed=0 unreachable=0
>> failed=1 skipped=0 rescued=0 ignored=0
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "OpenWISP" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web, visit
>> https://groups.google.com/d/msgid/openwisp/60bfa700-13e5-4000-a72c-c5b90adae853n%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/openwisp/60bfa700-13e5-4000-a72c-c5b90adae853n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
--
You received this message because you are subscribed to the Google Groups
"OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web, visit
https://groups.google.com/d/msgid/openwisp/f5354f2d-a7b3-414a-be6f-31e2db01ae8fn%40googlegroups.com.
