nextcloud added cron trigger

3 files changed, 33 insertions, 0 deletions

diff --git a/roles/nextcloud/templates/cron@.service.j2 b/roles/nextcloud/templates/cron@.service.j2
new file mode 100644
index 00000000..822f64b4
--- /dev/null
+++ b/roles/nextcloud/templates/cron@.service.j2
@@ -0,0 +1,15 @@
+[Unit]
+Description=Nextcloud cron.php job for %i
+
+[Service]
+Type=oneshot
+ExecStart={{ nextcloud_base_path }}/%i/config/run-cron.sh
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=strict
+ProtectHome=yes
+ProtectKernelTunables=yes
+ProtectControlGroups=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_INET
diff --git a/roles/nextcloud/templates/cron@.timer.j2 b/roles/nextcloud/templates/cron@.timer.j2
new file mode 100644
index 00000000..fc7a247d
--- /dev/null
+++ b/roles/nextcloud/templates/cron@.timer.j2
@@ -0,0 +1,8 @@
+[Unit]
+Description=Nextcloud cron.php job timer for %i
+
+[Timer]
+OnCalendar=*:{{ 15 | random(seed=item) }}/15
+
+[Install]
+WantedBy=timers.target
diff --git a/roles/nextcloud/templates/run-cron.sh.j2 b/roles/nextcloud/templates/run-cron.sh.j2
new file mode 100644
index 00000000..a0c986ae
--- /dev/null
+++ b/roles/nextcloud/templates/run-cron.sh.j2
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+## TODO: what about other container runtimes???
+export CONTAINER_RUNTIME_ENDPOINT=unix:///run/containerd/containerd.sock
+
+POD_NAME="{{ item }}-$(hostname)"
+POD_ID=$(crictl pods --name "$POD_NAME" --state ready -q)
+CONTAINER_ID=$(crictl ps --pod "$POD_ID" --name nextcloud -q)
+
+exec crictl exec "$CONTAINER_ID" php -f /var/www/html/cron.php