diff options
Diffstat (limited to 'roles/nextcloud')
-rw-r--r-- | roles/nextcloud/tasks/main.yml | 37 | ||||
-rw-r--r-- | roles/nextcloud/templates/pod-with-mariadb.yml.j2 | 45 |
2 files changed, 72 insertions, 10 deletions
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index 8453ce65..fe65d62b 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -79,6 +79,43 @@ state: directory +- name: create image config dir + loop: "{{ nextcloud_instances | list }}" + loop_control: + label: "{{ item }}" + file: + path: "{{ nextcloud_base_path }}/{{ item }}/config" + state: directory + +- name: create apache vhost config + loop: "{{ nextcloud_instances | list }}" + loop_control: + label: "{{ item }}" + copy: + content: | + <VirtualHost *:8080> + ServerAdmin webmaster@localhost + DocumentRoot /var/www/html + + # SetEnv HTTPS on + # SetEnvIfNoCase X-Forwarded-Proto https HTTPS=on + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + </VirtualHost> + dest: "{{ nextcloud_base_path }}/{{ item }}/config/apache-site.conf" + +- name: configure apache to run on port 8080 only + loop: "{{ nextcloud_instances | list }}" + loop_control: + label: "{{ item }}" + copy: + content: | + Listen 8080 + dest: "{{ nextcloud_base_path }}/{{ item }}/config/ports.conf" + + + - name: generate pod manifests loop: "{{ nextcloud_instances | dict2items }}" loop_control: diff --git a/roles/nextcloud/templates/pod-with-mariadb.yml.j2 b/roles/nextcloud/templates/pod-with-mariadb.yml.j2 index 4e2f6baa..7fa40cd4 100644 --- a/roles/nextcloud/templates/pod-with-mariadb.yml.j2 +++ b/roles/nextcloud/templates/pod-with-mariadb.yml.j2 @@ -7,17 +7,35 @@ spec: allowPrivilegeEscalation: false containers: - name: nextcloud - image: debian:buster - command: - - /bin/bash - - -c - - "sleep 7200" - # securityContext: - # runAsUser: {{ nextcloud_app_uid }} - # runAsGroup: {{ nextcloud_app_gid }} + image: "nextcloud:{{ item.value.version }}" + securityContext: + runAsUser: {{ nextcloud_app_uid }} + runAsGroup: {{ nextcloud_app_gid }} + resources: + limits: + memory: "4Gi" + env: + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: "{{ item.value.hostnames | join(' ') }}" + - name: MYSQL_HOST + value: 127.0.0.1 + - name: MYSQL_DATABASE + value: nextcloud + - name: MYSQL_USER + value: nextcloud + - name: MYSQL_PASSWORD + value: "{{ item.value.database.password }}" volumeMounts: - name: nextcloud mountPath: /var/www/html + - name: config + mountPath: /etc/apache2/sites-available/000-default.conf + subPath: apache-site.conf + readOnly: true + - name: config + mountPath: /etc/apache2/ports.conf + subPath: ports.conf + readOnly: true ports: - containerPort: 8080 hostPort: {{ item.value.port }} @@ -29,19 +47,26 @@ spec: securityContext: runAsUser: {{ nextcloud_db_uid }} runAsGroup: {{ nextcloud_db_gid }} + resources: + limits: + memory: "2Gi" env: - name: MYSQL_RANDOM_ROOT_PASSWORD value: "true" - - name: MYSQL_PASSWORD - value: "{{ item.value.database.password }}" - name: MYSQL_DATABASE value: nextcloud - name: MYSQL_USER value: nextcloud + - name: MYSQL_PASSWORD + value: "{{ item.value.database.password }}" volumeMounts: - name: database mountPath: /var/lib/mysql volumes: + - name: config + hostPath: + path: "{{ nextcloud_base_path }}/{{ item.key }}/config/" + type: Directory - name: nextcloud hostPath: path: "{{ nextcloud_base_path }}/{{ item.key }}/nextcloud" |