diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2019-10-14 21:27:28 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2019-10-14 21:27:28 +0200 |
| commit | f2f8d661a0f1a99604fd1c502c708d6824948376 (patch) | |
| tree | 1ac90e398726c2ab85d6937de4a6a6352c7a91d6 /roles/nextcloud/tasks | |
| parent | finalize wolke.elevate.at (diff) | |
nextcloud deployment made easier
Diffstat (limited to 'roles/nextcloud/tasks')
| -rw-r--r-- | roles/nextcloud/tasks/main.yml | 42 |
1 files changed, 8 insertions, 34 deletions
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 0f9413b9..1b0602f5 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -89,45 +89,14 @@ src: apache-site.conf.j2 dest: "{{ nextcloud_base_path }}/{{ item }}/config/apache-site.conf" -- name: configure apache to run on port 8443 only +- name: configure apache to run on port 8080 only loop: "{{ nextcloud_instances | list }}" copy: content: | - Listen 8443 + Listen 8080 dest: "{{ nextcloud_base_path }}/{{ item }}/config/ports.conf" -- name: create tls cert/key directory - loop: "{{ nextcloud_instances | list }}" - file: - path: "{{ nextcloud_base_path }}/{{ item }}/config/tls" - state: directory - -- name: generate tls private key for apache - loop: "{{ nextcloud_instances | list }}" - openssl_privatekey: - path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.key" - mode: 0640 - owner: root - group: nc-app - -- name: generate csr for selfsigned certifacate - loop: "{{ nextcloud_instances | list }}" - openssl_csr: - path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.csr" - privatekey_path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.key" - common_name: "nextcloud-{{ item }}" - -## TODO: fix idempotence -- name: generate tls self-signed certificate for apache - loop: "{{ nextcloud_instances | list }}" - openssl_certificate: - path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.crt" - privatekey_path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.key" - csr_path: "{{ nextcloud_base_path }}/{{ item }}/config/tls/nextcloud.csr" - provider: selfsigned - - - name: generate pod manifests loop: "{{ nextcloud_instances | dict2items }}" loop_control: @@ -172,6 +141,11 @@ vars: nginx_vhost: name: "{{ item.key }}" - content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}" + template: generic-proxy-no-buffering-with-acme acme: true hostnames: "{{ item.value.hostnames }}" + client_max_body_size: "512M" + proxy_pass: "http://127.0.0.1:{{ item.value.port }}" + proxy_redirect: + redirect: "http://$host:8080/" + replacement: "https://$host/" |