diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-03-25 20:55:53 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-03-25 20:55:53 +0100 |
| commit | e328d1bb0fe0f08b2f993a5a933307b77ad95c29 (patch) | |
| tree | c612f8062fade03d2cc30649c62ea765df57541e /roles/apps/nextcloud/tasks | |
| parent | sk-cloudia: new nextcloud instnace next.skillz.biz (diff) | |
move some roles to app/
Diffstat (limited to 'roles/apps/nextcloud/tasks')
| -rw-r--r-- | roles/apps/nextcloud/tasks/main.yml | 170 |
1 files changed, 170 insertions, 0 deletions
diff --git a/roles/apps/nextcloud/tasks/main.yml b/roles/apps/nextcloud/tasks/main.yml new file mode 100644 index 00000000..a951867c --- /dev/null +++ b/roles/apps/nextcloud/tasks/main.yml @@ -0,0 +1,170 @@ +--- +- name: create zfs datasets + when: nextcloud_zfs is defined + block: + - name: create zfs base dataset + zfs: + name: "{{ nextcloud_zfs.pool }}/{{ nextcloud_zfs.name }}" + state: present + extra_zfs_properties: + quota: "{{ nextcloud_zfs.size }}" + + - name: create zfs volumes for instances + loop: "{{ nextcloud_instances | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value.quota }})" + zfs: + name: "{{ nextcloud_zfs.pool }}/{{ nextcloud_zfs.name }}/{{ item.key }}" + state: present + extra_zfs_properties: + quota: "{{ item.value.quota }}" + + - name: configure nextcloud base bath + set_fact: + nextcloud_base_path: "{{ zfs_zpools[nextcloud_zfs.pool].mountpoint }}/{{ nextcloud_zfs.name }}" + + +- name: create instance subdirectories + when: nextcloud_zfs is not defined + loop: "{{ nextcloud_instances | list }}" + file: + path: "{{ nextcloud_base_path }}/{{ item }}" + state: directory + + + +- name: add group for nextcloud app + group: + name: nc-app + gid: "{{ nextcloud_app_gid }}" + +- name: add user for nextcloud app + user: + name: nc-app + uid: "{{ nextcloud_app_uid }}" + group: nc-app + password: "!" + +- name: create nextcloud app subdirectory + loop: "{{ nextcloud_instances | list }}" + file: + path: "{{ nextcloud_base_path }}/{{ item }}/nextcloud" + owner: "{{ nextcloud_app_uid }}" + group: "{{ nextcloud_app_gid }}" + state: directory + + +- name: add group for nextcloud db + group: + name: nc-db + gid: "{{ nextcloud_db_gid }}" + +- name: add user for nextcloud db + user: + name: nc-db + uid: "{{ nextcloud_db_uid }}" + group: nc-db + password: "!" + +- name: create nextcloud database subdirectory + loop: "{{ nextcloud_instances | dict2items}}" + loop_control: + label: "{{ item.key }} ({{ item.value.database.type }})" + file: + path: "{{ nextcloud_base_path }}/{{ item.key }}/{{ item.value.database.type }}" + owner: "{{ nextcloud_db_uid }}" + group: "{{ nextcloud_db_gid }}" + state: directory + + +- name: create auxiliary config directory + loop: "{{ nextcloud_instances | list }}" + file: + path: "{{ nextcloud_base_path }}/{{ item }}/config" + state: directory + +- name: create apache vhost config + loop: "{{ nextcloud_instances | list }}" + template: + src: apache-site.conf.j2 + dest: "{{ nextcloud_base_path }}/{{ item }}/config/apache-site.conf" + +- name: configure apache to run on port 8080 only + loop: "{{ nextcloud_instances | list }}" + copy: + content: | + Listen 8080 + dest: "{{ nextcloud_base_path }}/{{ item }}/config/ports.conf" + + +- name: generate pod manifests + loop: "{{ nextcloud_instances | dict2items }}" + loop_control: + label: "{{ item.key }}" + template: + src: "pod-with-{{ item.value.database.type }}.yml.j2" + dest: "/etc/kubernetes/manifests/nextcloud-{{ item.key }}.yml" + mode: 0600 + + +- name: install cron trigger script + loop: "{{ nextcloud_instances | list }}" + template: + src: run-cron.sh.j2 + dest: "{{ nextcloud_base_path }}/{{ item }}/config/run-cron.sh" + mode: 0755 + +- name: install template systemd unit for cron trigger + template: + src: cron@.service.j2 + dest: /etc/systemd/system/nextcloud-cron@.service + +- name: install systemd timer unit + loop: "{{ nextcloud_instances | list }}" + template: + src: cron-.timer.j2 + dest: "/etc/systemd/system/nextcloud-cron-{{ item }}.timer" + +- name: start/enable cron trigger systemd timer + loop: "{{ nextcloud_instances | list }}" + systemd: + daemon_reload: yes + name: "nextcloud-cron-{{ item }}.timer" + state: started + enabled: yes + + +- name: configure nginx vhost + loop: "{{ nextcloud_instances | dict2items }}" + include_role: + name: nginx/vhost + vars: + nginx_vhost: + name: "nextcloud-{{ item.key }}" + template: generic-proxy-no-buffering-with-acme + acme: true + hostnames: "{{ item.value.hostnames }}" + client_max_body_size: "512M" + proxy_pass: "http://127.0.0.1:{{ item.value.port }}" + proxy_redirect: + - redirect: "http://$host/" + replacement: "https://$host/" + - redirect: "http://$host:8080/" + replacement: "https://$host/" + + +- name: install management scripts + loop: + - nextcloud-upgrade + - nextcloud-occ + template: + src: "{{ item }}.j2" + dest: "/usr/local/bin/{{ item }}" + mode: 0755 + +## TODO: +# run this after installation is complete: +# +# nextcloud-occ {{ instance }} db:add-missing-indices +# nextcloud-occ {{ instance }} db:convert-filecache-bigint +# |