ele-media: nextcloud base install

author: Christian Pointner <equinox@spreadspace.org> 2022-07-06 23:16:29 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2022-07-06 23:16:29 +0200
commit: 20dc85ae0c644a9580e12314d443c3356dcab4ca (patch)
tree: 5c7707835ae898dfc6d91087a2126f824f462430 /roles/elevate/media/tasks/nextcloud-app.yml
parent: ele-media: base install (diff)
1 files changed, 128 insertions, 0 deletions
diff --git a/roles/elevate/media/tasks/nextcloud-app.yml b/roles/elevate/media/tasks/nextcloud-app.yml
new file mode 100644
index 00000000..fd864893
--- /dev/null
+++ b/roles/elevate/media/tasks/nextcloud-app.yml
@@ -0,0 +1,128 @@
+---
+- name: prepare storage volume for nextcloud
+  vars:
+    storage_volume: "{{ elevate_media_nextcloud_storage | combine({'dest': elevate_media_nextcloud_base_path}) }}"
+  include_role:
+    name: "storage/{{ elevate_media_nextcloud_storage.type }}/volume"
+
+- name: create nextcloud app subdirectory
+  file:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/nextcloud"
+    owner: "{{ elevate_media_share_uid }}"
+    group: "{{ elevate_media_share_gid }}"
+    state: directory
+
+
+- name: add group for nextcloud db
+  group:
+    name: nc-db
+    gid: "{{ elevate_media_nextcloud_db_gid }}"
+
+- name: add user for nextcloud db
+  user:
+    name: nc-db
+    uid: "{{ elevate_media_nextcloud_db_uid }}"
+    group: nc-db
+    password: "!"
+
+- name: create nextcloud database subdirectory
+  file:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/{{ elevate_media_nextcloud_instance.database.type }}"
+    owner: "{{ elevate_media_nextcloud_db_uid }}"
+    group: "{{ elevate_media_nextcloud_db_gid }}"
+    state: directory
+
+
+- name: create auxiliary config directory
+  file:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config"
+    state: directory
+
+- name: create apache vhost config
+  template:
+    src: nextcloud-apache-site.conf.j2
+    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf"
+
+- name: configure apache to run on port 8080 only
+  copy:
+    content: |
+      Listen 8080
+    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf"
+
+
+- name: build custom image
+  include_tasks: nextcloud-custom-image.yml
+
+- name: install pod manifest
+  vars:
+    kubernetes_standalone_pod:
+      name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}"
+      spec: "{{ lookup('template', 'nextcloud-pod-spec-with-{{ elevate_media_nextcloud_instance.database.type }}.yml.j2') }}"
+      mode: "0600"
+      config_hash_items:
+      - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf"
+        properties:
+        - checksum
+      - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf"
+        properties:
+        - checksum
+      - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build/Dockerfile"
+        properties:
+        - checksum
+  include_role:
+    name: kubernetes/standalone/pod
+
+
+- name: install cron trigger script
+  template:
+    src: nextcloud-run-cron.sh.j2
+    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/run-cron.sh"
+    mode: 0755
+
+- name: install template systemd unit for cron trigger
+  template:
+    src: nextcloud-cron@.service.j2
+    dest: /etc/systemd/system/nextcloud-cron@.service
+
+- name: install systemd timer unit
+  template:
+    src: nextcloud-cron-.timer.j2
+    dest: "/etc/systemd/system/nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer"
+
+- name: start/enable cron trigger systemd timer
+  systemd:
+    daemon_reload: yes
+    name: "nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer"
+    state: started
+    enabled: yes
+
+
+- name: configure nginx vhost
+  vars:
+    nginx_vhost:
+      name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}"
+      template: generic-proxy-no-buffering-with-acme
+      acme: true
+      hostnames: "{{ elevate_media_nextcloud_instance.hostnames }}"
+      locations:
+        '/':
+          proxy_pass: "http://127.0.0.1:{{ elevate_media_nextcloud_instance.port }}"
+          proxy_redirect:
+          - redirect: "http://$host/"
+            replacement: "https://$host/"
+          - redirect: "http://$host:8080/"
+            replacement: "https://$host/"
+          extra_directives: |-
+            client_max_body_size 0;
+  include_role:
+    name: nginx/vhost
+
+
+- name: install management scripts
+  loop:
+    - nextcloud-upgrade
+    - nextcloud-occ
+  template:
+    src: "{{ item }}.j2"
+    dest: "/usr/local/bin/{{ item }}"
+    mode: 0755
author	Christian Pointner <equinox@spreadspace.org>	2022-07-06 23:16:29 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2022-07-06 23:16:29 +0200
commit	20dc85ae0c644a9580e12314d443c3356dcab4ca (patch)
tree	5c7707835ae898dfc6d91087a2126f824f462430 /roles/elevate/media/tasks/nextcloud-app.yml
parent	ele-media: base install (diff)