From 182d2515f393f0d8b866e5d0b7b433b6f468d799 Mon Sep 17 00:00:00 2001 From: Matt Birkholz Date: Tue, 3 Jun 2025 20:28:15 -0600 Subject: [PATCH] Fix links in The All Role, several file links, net interface name. --- README.org | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/README.org b/README.org index cac9d65..62e92a5 100644 --- a/README.org +++ b/README.org @@ -550,7 +550,7 @@ Debian. The command updates the institute membership roll, requiring the member's username, keeping a list of the member's clients (in case all authorizations need to be revoked quickly). The list of client certificates that have been revoked is stored along with the -membership roll (in =private/members.yml= as the value of ~revoked~). +membership roll (in [[file:private/members.yml][=private/members.yml=]] as the value of ~revoked~). Finally, the institute uses an OpenPGP key to secure sensitive emails (containing passwords or private keys) to Core. @@ -1282,9 +1282,9 @@ particular, the institute's ~domain_name~, a variable found in the =public/vars.yml= file. Thus the first task of the ~all~ role is to include the variables defined in this file (described in [[*The Particulars][The Particulars]]). The code block below is the first to tangle into -[[file:roles/front/tasks/main.yml][=roles/all/tasks/main.yml=]]. +[[file:roles/all/tasks/main.yml][=roles/all/tasks/main.yml=]]. -#+CAPTION: [[file:roles/front/tasks/main.yml][=roles/all/tasks/main.yml=]] +#+CAPTION: [[file:roles/all/tasks/main.yml][=roles/all/tasks/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/all/tasks/main.yml :mkdirp yes --- - name: Include public variables. @@ -1308,7 +1308,7 @@ follows these recommendations (and /not/ the suggestion to enable (and provides =/lib/systemd/systemd-resolved=, formerly part of the ~systemd~ package). -#+CAPTION: [[file:roles_t/front/tasks/main.yml][=roles_t/all/tasks/main.yml=]] +#+CAPTION: [[file:roles_t/all/tasks/main.yml][=roles_t/all/tasks/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/all/tasks/main.yml :noweb no-export - name: Install systemd-resolved. @@ -1351,7 +1351,7 @@ trustworthy, so its certificate is added to the set of trusted CAs on each host. More information about how the small institute manages its X.509 certificates is available in [[*Keys][Keys]]. -#+CAPTION: [[file:roles_t/front/tasks/main.yml][=roles_t/all/tasks/main.yml=]] +#+CAPTION: [[file:roles_t/all/tasks/main.yml][=roles_t/all/tasks/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/all/tasks/main.yml :mkdirp yes - name: Trust the institute CA. @@ -1365,7 +1365,7 @@ X.509 certificates is available in [[*Keys][Keys]]. notify: Update CAs. #+END_SRC -#+CAPTION: [[file:roles_t/front/handlers/main.yml][=roles_t/all/handlers/main.yml=]] +#+CAPTION: [[file:roles_t/all/handlers/main.yml][=roles_t/all/handlers/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/all/handlers/main.yml :mkdirp yes - name: Update CAs. @@ -2317,9 +2317,9 @@ The first step is to install Kamailio. #+END_SRC Now the configuration drop concerns the network device on which -Kamailio will be listening, the ~tun~ device created by OpenVPN. The +Kamailio will be listening, the ~ovpn~ device created by OpenVPN. The added configuration settings inform Systemd that Kamailio should not -be started before the ~tun~ device has appeared. +be started before the ~ovpn~ device has appeared. #+CAPTION: [[file:roles_t/front/tasks/main.yml][=roles_t/front/tasks/main.yml=]] #+BEGIN_SRC conf :tangle roles_t/front/tasks/main.yml @@ -5911,7 +5911,7 @@ if (defined $ARGV[0] && $ARGV[0] eq "CA") { The next code block implements the ~config~ sub-command, which provisions network services by running the =site.yml= playbook -described in [[*=playbooks/site.yml=][=playbooks/site.yml=]]. It recognizes an optional ~-n~ +described in [[file:playbooks/site.yml][=playbooks/site.yml=]]. It recognizes an optional ~-n~ flag indicating that the service configurations should just be checked. Given an optional host name, it provisions (or checks) just the named host. @@ -5956,7 +5956,7 @@ For general information about members and their Unix accounts, see [[*Accounts][Accounts]]. The account management sub-commands maintain a mapping associating member "usernames" (Unix account names) with their records. The mapping is stored among other things in -=private/members.yml= as the value associated with the key ~members~. +[[file:private/members.yml][=private/members.yml=]] as the value associated with the key ~members~. A new member's record in the ~members~ mapping will have the ~status~ key value ~current~. That key gets value ~former~ when the member @@ -6143,7 +6143,7 @@ sub print_member ($$) { The next code block implements the ~new~ sub-command. It adds a new member to the institute's membership roll. It runs an Ansible playbook to create the member's Nextcloud user, updates -=private/members.yml=, and runs the [[file:playbooks/site.yml][=site.yml=]] playbook. The site +[[file:private/members.yml][=private/members.yml=]], and runs the [[file:playbooks/site.yml][=site.yml=]] playbook. The site playbook (re)creates the member's accounts on Core and Front, (re)installs the member's personal homepage on Front, and the member's Fetchmail service on Core. All services are configured with an @@ -6247,7 +6247,7 @@ servers immediately or let the administrator do that using the ~./inst pass~ command. In either case, the administrator needs to update the membership roll, and so receives an encrypted email, which gets piped into ~./inst pass~. This command decrypts the message, parses the -(YAML) content, updates =private/members.yml=, and runs the full +(YAML) content, updates [[file:private/members.yml][=private/members.yml=]], and runs the full Ansible [[file:playbooks/site.yml][=site.yml=]] playbook to update the servers. If all goes well a message is sent to ~member@core~. @@ -6347,7 +6347,7 @@ exit; *** Less Aggressive Pass Command The following code block implements the ~./inst pass~ command, used by -the administrator to update =private/members.yml= before running +the administrator to update [[file:private/members.yml][=private/members.yml=]] before running [[file:playbooks/site.yml][=playbooks/site.yml=]] and emailing the concerned member. #+CAPTION: [[file:inst][=inst=]] -- 2.25.1