-rw-r--r--roles/nextcloud/tasks/main.yml27
-rw-r--r--roles/nextcloud/templates/cron@.service.j215
-rw-r--r--roles/nextcloud/templates/cron@.timer.j28
-rw-r--r--roles/nextcloud/templates/run-cron.sh.j210
4 files changed, 60 insertions, 0 deletions
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index fe65d62b..90a65fc6 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -114,6 +114,22 @@
Listen 8080
dest: "{{ nextcloud_base_path }}/{{ item }}/config/ports.conf"
+- name: install cron trigger script
+ loop: "{{ nextcloud_instances | list }}"
+ loop_control:
+ label: "{{ item }}"
+ template:
+ src: run-cron.sh.j2
+ dest: "{{ nextcloud_base_path }}/{{ item }}/config/run-cron.sh"
+ mode: 0755
+
+- name: install template systemd units for cron trigger
+ loop:
+ - service
+ - timer
+ template:
+ src: "cron@.{{ item }}.j2"
+ dest: "/etc/systemd/system/nextcloud-cron@.{{ item }}"
- name: generate pod manifests
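Review bot: The task that templates the unit files into `/etc/systemd/system` sets no `mode` or `owner`, so the resulting permissions depend on the remote user's umask. Adding `mode: "0644"` together with `owner: root` and `group: root` makes them deterministic. In the script task above it, `mode: 0755` is an unquoted octal that YAML reads as an integer; the quoted form `mode: "0755"` is the one Ansible's documentation recommends.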
@@ -124,3 +140,14 @@
src: "pod-with-{{ item.value.database.type }}.yml.j2"
dest: "/etc/kubernetes/manifests/{{ item.key }}.yml"
mode: 0600
+
+
+- name: start/enable cron trigger systemd timer
+ loop: "{{ nextcloud_instances | list }}"
+ loop_control:
+ label: "{{ item }}"
+ systemd:
+ daemon_reload: yes
+ name: "nextcloud-cron@{{ item }}.timer"
+ state: started
+ enabled: yes
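Review bot: `daemon_reload: yes` sits inside the looped task, so systemd is reloaded once per instance on every run. Because `state: started` does nothing for a timer that is already active, a later change to the templated `OnCalendar` value would presumably not reach running timers until they are restarted. A handler notified by the unit-template task (one daemon-reload, then a restart of the timers) would cover both. As a style point, `daemon_reload: true` and `enabled: true` are preferable to `yes`.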
diff --git a/roles/nextcloud/templates/cron@.service.j2 b/roles/nextcloud/templates/cron@.service.j2
new file mode 100644
index 00000000..822f64b4
--- /dev/null
+++ b/roles/nextcloud/templates/cron@.service.j2
@@ -0,0 +1,15 @@
+[Unit]
+Description=Nextcloud cron.php job for %i
+
+[Service]
+Type=oneshot
+ExecStart={{ nextcloud_base_path }}/%i/config/run-cron.sh
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=strict
+ProtectHome=yes
+ProtectKernelTunables=yes
+ProtectControlGroups=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX AF_INET
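Review bot: `ExecStart` runs, with no `User=` and therefore as root, a script stored in the per-instance `config` directory, the same directory that receives `ports.conf` in the tasks file. The pod manifest is not part of this diff, but if that directory is bind-mounted writable into the Nextcloud container, anything that can write there from inside the container controls what root executes on the host at the next timer tick. Installing one root-owned copy outside the instance tree and passing the instance as an argument, e.g. `ExecStart=/usr/local/sbin/nextcloud-run-cron %i` (path is a suggestion), removes that dependency. Alternatively, confirm the mount is read-only. A one-line comment saying why `AF_INET` is allowed next to a `unix://` runtime endpoint would also help the next reader.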
diff --git a/roles/nextcloud/templates/cron@.timer.j2 b/roles/nextcloud/templates/cron@.timer.j2
new file mode 100644
index 00000000..fc7a247d
--- /dev/null
+++ b/roles/nextcloud/templates/cron@.timer.j2
@@ -0,0 +1,8 @@
+[Unit]
+Description=Nextcloud cron.php job timer for %i
+
+[Timer]
+OnCalendar=*:{{ 15 | random(seed=item) }}/15
+
+[Install]
+WantedBy=timers.target
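Review bot: `random(seed=item)` on the `OnCalendar` line does not spread the instances. This file is rendered once as the template unit `nextcloud-cron@.timer`, by a task whose loop items are `service` and `timer`. So `item` is the string `timer`, and the minute offset comes out the same for every instance and, with a constant seed, apparently for every host as well. Jinja cannot see `%i`, so a per-instance spread has to come from systemd itself, for example `OnCalendar=*:0/15` plus `RandomizedDelaySec=5min`. Seeding with `inventory_hostname` would only vary the offset per host.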
diff --git a/roles/nextcloud/templates/run-cron.sh.j2 b/roles/nextcloud/templates/run-cron.sh.j2
new file mode 100644
index 00000000..a0c986ae
--- /dev/null
+++ b/roles/nextcloud/templates/run-cron.sh.j2
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+## TODO: what about other container runtimes???
+export CONTAINER_RUNTIME_ENDPOINT=unix:///run/containerd/containerd.sock
+
+POD_NAME="{{ item }}-$(hostname)"
+POD_ID=$(crictl pods --name "$POD_NAME" --state ready -q)
+CONTAINER_ID=$(crictl ps --pod "$POD_ID" --name nextcloud -q)
+
+exec crictl exec "$CONTAINER_ID" php -f /var/www/html/cron.php
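Review bot: Neither `POD_ID` nor `CONTAINER_ID` is checked before use, and the script sets no `set -e`. When no ready pod matches, `POD_ID` is empty and `crictl ps --pod ""` appears to apply no pod filter at all. In that case `--name nextcloud` can return the container of a different instance, or several IDs, and `cron.php` runs in the wrong place. As far as I know `--name` on `crictl pods` is a pattern match rather than an exact match, so an instance name that is a prefix of another may also yield more than one pod. The script should fail closed unless exactly one ID comes back at each step, as sketched below.

```shell
set -euo pipefail

# … unchanged: CONTAINER_RUNTIME_ENDPOINT export, POD_NAME assignment …
POD_ID=$(crictl pods --name "$POD_NAME" --state ready -q)
if [ -z "$POD_ID" ] || [ "$(wc -l <<< "$POD_ID")" -ne 1 ]; then
  echo "expected exactly one ready pod named $POD_NAME" >&2
  exit 1
fi

CONTAINER_ID=$(crictl ps --pod "$POD_ID" --name nextcloud -q)
if [ -z "$CONTAINER_ID" ] || [ "$(wc -l <<< "$CONTAINER_ID")" -ne 1 ]; then
  echo "expected exactly one nextcloud container in pod $POD_ID" >&2
  exit 1
fi
# … unchanged: exec crictl exec … cron.php …
```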