diff options
author | Christian Pointner <equinox@spreadspace.org> | 2022-07-06 23:16:29 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2022-07-06 23:16:29 +0200 |
commit | 20dc85ae0c644a9580e12314d443c3356dcab4ca (patch) | |
tree | 5c7707835ae898dfc6d91087a2126f824f462430 /roles/elevate/media/tasks | |
parent | ele-media: base install (diff) |
ele-media: nextcloud base install
Diffstat (limited to 'roles/elevate/media/tasks')
-rw-r--r-- | roles/elevate/media/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/elevate/media/tasks/nextcloud-app.yml | 128 | ||||
-rw-r--r-- | roles/elevate/media/tasks/nextcloud-custom-image.yml | 31 | ||||
-rw-r--r-- | roles/elevate/media/tasks/nextcloud.yml | 4 | ||||
-rw-r--r-- | roles/elevate/media/tasks/samba.yml | 6 |
5 files changed, 169 insertions, 8 deletions
diff --git a/roles/elevate/media/tasks/main.yml b/roles/elevate/media/tasks/main.yml index 097f0c1b..910104f8 100644 --- a/roles/elevate/media/tasks/main.yml +++ b/roles/elevate/media/tasks/main.yml @@ -1,11 +1,5 @@ --- -- name: install samba - apt: - name: - - samba - state: present - -- name: configure samba +- name: install and configure samba import_tasks: samba.yml - name: install and configure nextcloud diff --git a/roles/elevate/media/tasks/nextcloud-app.yml b/roles/elevate/media/tasks/nextcloud-app.yml new file mode 100644 index 00000000..fd864893 --- /dev/null +++ b/roles/elevate/media/tasks/nextcloud-app.yml @@ -0,0 +1,128 @@ +--- +- name: prepare storage volume for nextcloud + vars: + storage_volume: "{{ elevate_media_nextcloud_storage | combine({'dest': elevate_media_nextcloud_base_path}) }}" + include_role: + name: "storage/{{ elevate_media_nextcloud_storage.type }}/volume" + +- name: create nextcloud app subdirectory + file: + path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/nextcloud" + owner: "{{ elevate_media_share_uid }}" + group: "{{ elevate_media_share_gid }}" + state: directory + + +- name: add group for nextcloud db + group: + name: nc-db + gid: "{{ elevate_media_nextcloud_db_gid }}" + +- name: add user for nextcloud db + user: + name: nc-db + uid: "{{ elevate_media_nextcloud_db_uid }}" + group: nc-db + password: "!" + +- name: create nextcloud database subdirectory + file: + path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/{{ elevate_media_nextcloud_instance.database.type }}" + owner: "{{ elevate_media_nextcloud_db_uid }}" + group: "{{ elevate_media_nextcloud_db_gid }}" + state: directory + + +- name: create auxiliary config directory + file: + path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config" + state: directory + +- name: create apache vhost config + template: + src: nextcloud-apache-site.conf.j2 + dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf" + +- name: configure apache to run on port 8080 only + copy: + content: | + Listen 8080 + dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf" + + +- name: build custom image + include_tasks: nextcloud-custom-image.yml + +- name: install pod manifest + vars: + kubernetes_standalone_pod: + name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}" + spec: "{{ lookup('template', 'nextcloud-pod-spec-with-{{ elevate_media_nextcloud_instance.database.type }}.yml.j2') }}" + mode: "0600" + config_hash_items: + - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf" + properties: + - checksum + - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf" + properties: + - checksum + - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build/Dockerfile" + properties: + - checksum + include_role: + name: kubernetes/standalone/pod + + +- name: install cron trigger script + template: + src: nextcloud-run-cron.sh.j2 + dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/run-cron.sh" + mode: 0755 + +- name: install template systemd unit for cron trigger + template: + src: nextcloud-cron@.service.j2 + dest: /etc/systemd/system/nextcloud-cron@.service + +- name: install systemd timer unit + template: + src: nextcloud-cron-.timer.j2 + dest: "/etc/systemd/system/nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer" + +- name: start/enable cron trigger systemd timer + systemd: + daemon_reload: yes + name: "nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer" + state: started + enabled: yes + + +- name: configure nginx vhost + vars: + nginx_vhost: + name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}" + template: generic-proxy-no-buffering-with-acme + acme: true + hostnames: "{{ elevate_media_nextcloud_instance.hostnames }}" + locations: + '/': + proxy_pass: "http://127.0.0.1:{{ elevate_media_nextcloud_instance.port }}" + proxy_redirect: + - redirect: "http://$host/" + replacement: "https://$host/" + - redirect: "http://$host:8080/" + replacement: "https://$host/" + extra_directives: |- + client_max_body_size 0; + include_role: + name: nginx/vhost + + +- name: install management scripts + loop: + - nextcloud-upgrade + - nextcloud-occ + template: + src: "{{ item }}.j2" + dest: "/usr/local/bin/{{ item }}" + mode: 0755 diff --git a/roles/elevate/media/tasks/nextcloud-custom-image.yml b/roles/elevate/media/tasks/nextcloud-custom-image.yml new file mode 100644 index 00000000..46f06dbf --- /dev/null +++ b/roles/elevate/media/tasks/nextcloud-custom-image.yml @@ -0,0 +1,31 @@ +--- +- name: create build directory for custom image + file: + path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build" + state: directory + +- name: generate Dockerfile for custom image + copy: + content: | + FROM {{ elevate_media_nextcloud_instance.custom_image.from | default('nextcloud:' + elevate_media_nextcloud_instance.version) }} + + RUN set -x \ + && addgroup --gid {{ elevate_media_share_gid }} nc-app \ + && adduser --uid {{ elevate_media_share_uid }} --gid {{ elevate_media_share_gid }} --system --no-create-home --home /var/www/html --disabled-login --disabled-password nc-app + {% if 'custom_image' in elevate_media_nextcloud_instance %} + + {{ elevate_media_nextcloud_instance.custom_image.dockerfile }} + {% endif %} + dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build/Dockerfile" + register: nextcloud_custom_image_docker + +- name: build custom image + docker_image: + name: "nextcloud/{{ elevate_media_nextcloud_instance_name }}:{{ elevate_media_nextcloud_instance.version }}" + state: present + force_source: "{{ nextcloud_custom_image_docker is changed }}" + source: build + build: + path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build" + network: host + pull: yes diff --git a/roles/elevate/media/tasks/nextcloud.yml b/roles/elevate/media/tasks/nextcloud.yml index e24bf32d..1b875f2b 100644 --- a/roles/elevate/media/tasks/nextcloud.yml +++ b/roles/elevate/media/tasks/nextcloud.yml @@ -1,5 +1,7 @@ --- -## TODO: include role: apps/nextcloud +## TODO: convert to new apps/nexctloud/instance role once this is done! +- name: basic nextcloud config + import_tasks: nextcloud-app.yml # - name: configure nextcloud upload file size limit # loop: diff --git a/roles/elevate/media/tasks/samba.yml b/roles/elevate/media/tasks/samba.yml index 3101a82a..67a511de 100644 --- a/roles/elevate/media/tasks/samba.yml +++ b/roles/elevate/media/tasks/samba.yml @@ -1,4 +1,10 @@ --- +- name: install samba + apt: + name: + - samba + state: present + - name: create group for shared access group: name: share |