summaryrefslogtreecommitdiff
path: root/roles/elevate/media/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/elevate/media/tasks')
-rw-r--r--roles/elevate/media/tasks/nextcloud-config.yml52
-rw-r--r--roles/elevate/media/tasks/nextcloud-lvm.yml42
-rw-r--r--roles/elevate/media/tasks/nextcloud.yml141
3 files changed, 178 insertions, 57 deletions
diff --git a/roles/elevate/media/tasks/nextcloud-config.yml b/roles/elevate/media/tasks/nextcloud-config.yml
new file mode 100644
index 00000000..1ce80860
--- /dev/null
+++ b/roles/elevate/media/tasks/nextcloud-config.yml
@@ -0,0 +1,52 @@
+---
+ # TODO: fix idempotence
+- name: set up permission for external storage
+ command: docker exec -u root nextcloud.service bash -c "chown root:www-data /srv/external && chmod 02775 /srv/external"
+ changed_when: false
+
+
+ ## TODO: this is idempotent but flagging change would be nice
+- name: set up permission for external storage
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ app:enable files_external
+ changed_when: false
+
+
+- name: check if elevate group exists in nextcloud (1/2)
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ group:list -n --output=json
+ register: nextcloud_group_list
+ changed_when: false
+
+- name: check if elevate group exists in nextcloud (2/2)
+ set_fact:
+ nextcloud_group_list: "{{ nextcloud_group_list.stdout | from_json }}"
+
+- name: create group elevate group in nextcloud
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ group:add -n elevate
+ when: '"elevate" not in nextcloud_group_list'
+
+
+- name: check if external storage is configured in nextcloud (1/2)
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ files_external:list -n --output=json
+ register: nextcloud_files_external_list
+ changed_when: false
+
+- name: check if external storage is configured in nextcloud (2/2)
+ set_fact:
+ nextcloud_files_external_list: "{{ nextcloud_files_external_list.stdout | from_json }}"
+
+- debug:
+ var: nextcloud_files_external_list
+
+- name: configure external storage in nextcloud
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ files_external:create -n --output=json --config="datadir=/srv/external" Fileserver local null::null
+ when: not (nextcloud_files_external_list | nextcloud_mountpoint_exists('/Fileserver'))
+
+ ## TODO: this is idempotent but flagging change would be nice
+- name: set up permission for external storage
+ command: docker exec -u www-data nextcloud.service /var/www/html/occ files_external:applicable -n --output=json 1 --add-group=elevate
+ changed_when: false
+
+
+### add this until tests have been done
+## 'overwriteprotocol' => 'http', -> /srv/nextcloud/config/nextcloud/config.php
+#
diff --git a/roles/elevate/media/tasks/nextcloud-lvm.yml b/roles/elevate/media/tasks/nextcloud-lvm.yml
new file mode 100644
index 00000000..d24326d3
--- /dev/null
+++ b/roles/elevate/media/tasks/nextcloud-lvm.yml
@@ -0,0 +1,42 @@
+---
+- name: prepare nextcloud system disk as LVM
+ when: nextcloud_lvm.system is defined
+ block:
+ - name: create logical volume
+ lvol:
+ vg: "{{ nextcloud_lvm.system.vg }}"
+ lv: "{{ nextcloud_lvm.system.lv }}"
+ size: "{{ nextcloud_lvm.system.size }}"
+
+ - name: create filesystem
+ filesystem:
+ fstype: "{{ nextcloud_lvm.system.fs }}"
+ dev: "/dev/mapper/{{ nextcloud_lvm.system.vg | replace('-', '--') }}-{{ nextcloud_lvm.system.lv | replace('-', '--') }}"
+
+ - name: mount filesytem
+ mount:
+ src: "/dev/mapper/{{ nextcloud_lvm.system.vg | replace('-', '--') }}-{{ nextcloud_lvm.system.lv | replace('-', '--') }}"
+ path: /srv/nextcloud
+ fstype: "{{ nextcloud_lvm.system.fs }}"
+ state: mounted
+
+- name: prepare nextcloud data disk as LVM
+ when: nextcloud_lvm.data is defined
+ block:
+ - name: create logical volume
+ lvol:
+ vg: "{{ nextcloud_lvm.data.vg }}"
+ lv: "{{ nextcloud_lvm.data.lv }}"
+ size: "{{ nextcloud_lvm.data.size }}"
+
+ - name: create filesystem
+ filesystem:
+ fstype: "{{ nextcloud_lvm.data.fs }}"
+ dev: "/dev/mapper/{{ nextcloud_lvm.data.vg | replace('-', '--') }}-{{ nextcloud_lvm.data.lv | replace('-', '--') }}"
+
+ - name: mount filesytem
+ mount:
+ src: "/dev/mapper/{{ nextcloud_lvm.data.vg | replace('-', '--') }}-{{ nextcloud_lvm.data.lv | replace('-', '--') }}"
+ path: /srv/ncdata
+ fstype: "{{ nextcloud_lvm.data.fs }}"
+ state: mounted
diff --git a/roles/elevate/media/tasks/nextcloud.yml b/roles/elevate/media/tasks/nextcloud.yml
index 6a3faf73..d827a28a 100644
--- a/roles/elevate/media/tasks/nextcloud.yml
+++ b/roles/elevate/media/tasks/nextcloud.yml
@@ -1,4 +1,7 @@
---
+- name: preare nextcloud disks
+ import_tasks: nextcloud-lvm.yml
+
- name: create nextcloud config directory
file:
path: /srv/nextcloud/config/
@@ -9,61 +12,85 @@
src: nextcloud-fpm.conf.j2
dest: /srv/nextcloud/config/nextcloud-fpm.conf
-##### TODO: implement the following steps
-### install
-#
-# docker run --rm --network host --name nextcloud \
-# -e NEXTCLOUD_UPDATE=1 -e NEXTCLOUD_TRUSTED_DOMAINS="media.elevate.at elevate-media.spreadspace.org 89.106.211.61" \
-# -e MYSQL_DATABASE="nextcloud" -e MYSQL_HOST="127.0.0.1:3306" -e MYSQL_USER="nextcloud" -e MYSQL_PASSWORD="testtest" \
-# -e NEXTCLOUD_ADMIN_USER="admin" -e NEXTCLOUD_ADMIN_PASSWORD="test" \
-# -v /srv/nextcloud/config/nextcloud-fpm.conf:/usr/local/etc/php-fpm.d/zzzzz.conf \
-# -v /srv/nextcloud/config/nextcloud:/var/www/html/config \
-# -v /srv/data/nextcloud:/var/www/html/data \
-# -v /srv/data/share:/srv/external \
-# -v /srv/nextcloud/www:/var/www/html nextcloud:15-fpm /bin/true
-#
-#
-## for now we only support http (not needed when nginx and network config is fixed)
-##
-## 'overwriteprotocol' => 'http', -> /srv/nextcloud/config/nextcloud/config.php
-##
-#
-### run
-#
-# docker run --rm -d --network host --name nextcloud \
-# -v /srv/nextcloud/config/nextcloud-fpm.conf:/usr/local/etc/php-fpm.d/zzzzz.conf \
-# -v /srv/nextcloud/config/nextcloud:/var/www/html/config \
-# -v /srv/data/nextcloud:/var/www/html/data \
-# -v /srv/data/share:/srv/external \
-# -v /srv/nextcloud/www:/var/www/html nextcloud:15-fpm
-#
-#
-### post -install
-#
-# docker exec -u root -it nextcloud bash -c "chown root:www-data /srv/external && chmod 02775 /srv/external"
-#
-## this is idempotent
-# docker exec -u www-data -it nextcloud /var/www/html/occ app:enable files_external
-#
-## docker exec -u www-data -it nextcloud /var/www/html/occ group:list -n --output=json
-# docker exec -u www-data -it nextcloud /var/www/html/occ group:add -n Elevate
-#
-## docker exec -u www-data -it nextcloud /var/www/html/occ files_external:list --output=json
-# docker exec -u www-data -it nextcloud /var/www/html/occ files_external:create -n --output=json --config="datadir=/srv/external" Fileserver local null::null
-#
-## this is idempotent
-# docker exec -u www-data -it nextcloud /var/www/html/occ files_external:applicable -n --output=json 1 --add-group=Elevate
-#
-#
-#
-##### not need to implement this...
-#
-### purge
-#
-# docker stop nextcloud
-# rm -rf /srv/nextcloud/config/nextcloud
-# rm -rf /srv/data/nextcloud
-# rm -rf /srv/nextcloud/www
-# echo "drop database nextcloud;" | mysql --defaults-extra-file=/etc/mysql/debian.cnf
-#
+- name: create nextcloud database
+ mysql_db:
+ login_user: root
+ login_password: "{{ mysql_root_password }}"
+ db: "{{ nextcloud_db.db }}"
+ encoding: utf8mb4
+ collation: utf8mb4_general_ci
+ state: present
+
+- name: create nextcloud database user
+ mysql_user:
+ login_user: root
+ login_password: "{{ mysql_root_password }}"
+ name: "{{ nextcloud_db.user }}"
+ password: "{{ nextcloud_db.password }}"
+ priv: "{{ nextcloud_db.db }}.*:SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER,CREATE TEMPORARY TABLES"
+ state: present
+
+
+- name: check if nextcloud is already configured
+ stat:
+ path: /srv/nextcloud/config/nextcloud/config.php
+ register: nextcloud_config_file
+
+- name: running nextcloud installer
+ when: not nextcloud_config_file.stat.exists
+ docker_container:
+ name: nextcloud
+ image: nextcloud:{{ nextcloud_version }}-fpm
+ command: /bin/true
+ network_mode: host
+ detach: no
+ auto_remove: yes
+ volumes:
+ - /srv/nextcloud/www:/var/www/html
+ - /srv/nextcloud/config/nextcloud-fpm.conf:/usr/local/etc/php-fpm.d/zzzzz.conf
+ - /srv/nextcloud/config/nextcloud:/var/www/html/config
+ - /srv/ncdata/nextcloud:/var/www/html/data
+ - /srv/ncdata/share:/srv/external
+ env:
+ NEXTCLOUD_UPDATE: '1'
+ NEXTCLOUD_TRUSTED_DOMAINS: "{{ nextcloud_hostnames | join(' ') }} 89.106.211.61" ## TODO remove ip when tests are done
+ MYSQL_DATABASE: "{{ nextcloud_db.db }}"
+ MYSQL_HOST: "127.0.0.1:3306"
+ MYSQL_USER: "{{ nextcloud_db.user }}"
+ MYSQL_PASSWORD: "{{ nextcloud_db.password }}"
+ NEXTCLOUD_ADMIN_USER: "{{ nextcloud_admin.username }}"
+ NEXTCLOUD_ADMIN_PASSWORD: "{{ nextcloud_admin.password }}"
+
+
+- name: install nextcloud service unit
+ template:
+ src: nextcloud.service.j2
+ dest: /etc/systemd/system/nextcloud.service
+ register: nextcloud_service
+
+- name: make sure nextcloud is started and enabled
+ systemd:
+ name: nextcloud.service
+ state: "{% if nextcloud_service.changed %}restarted{% else %}started{% endif %}"
+ enabled: yes
+ daemon_reload: yes
+
+- name: basic nextcloud config
+ import_tasks: nextcloud-config.yml
+
+- name: install nextcloud cron systemd units
+ with_items:
+ - service
+ - timer
+ template:
+ src: "nextcloud-cron.{{ item }}.j2"
+ dest: "/etc/systemd/system/nextcloud-cron.{{ item }}"
+
+- name: make sure nextcloud cron is started and enabled
+ systemd:
+ name: nextcloud-cron.timer
+ state: started
+ enabled: yes
+ daemon_reload: yes
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-08 17:21:50 +0000