--- - name: create zfs datasets when: onlyoffice_zfs is defined block: - name: create zfs base dataset zfs: name: "{{ onlyoffice_zfs.pool }}/{{ onlyoffice_zfs.name }}" state: present extra_zfs_properties: "{{ onlyoffice_zfs.properties | default(omit) }}" - name: create zfs volumes for instances loop: "{{ onlyoffice_instances | dict2items }}" loop_control: label: "{{ item.key }} ({{ (item.value.zfs_properties | default({})).items() | map('join', '=') | join(', ') }})" zfs: name: "{{ onlyoffice_zfs.pool }}/{{ onlyoffice_zfs.name }}/{{ item.key }}" state: present extra_zfs_properties: "{{ item.value.zfs_properties | default(omit) }}" - name: configure onlyoffice base bath set_fact: onlyoffice_base_path: "{{ (zfs_pools[onlyoffice_zfs.pool].mountpoint, onlyoffice_zfs.name) | path_join }}" - name: create instance subdirectories when: onlyoffice_zfs is not defined loop: "{{ onlyoffice_instances | list }}" file: path: "{{ onlyoffice_base_path }}/{{ item }}" state: directory # TODO: run documentserver components as non-root # - name: add group for onlyoffice app # group: # name: oo-app # gid: "{{ onlyoffice_app_gid }}" # - name: add user for onlyoffice app # user: # name: oo-app # uid: "{{ onlyoffice_app_uid }}" # group: oo-app # password: "!" # - name: create onlyoffice app subdirectory # loop: "{{ onlyoffice_instances | list }}" # file: # path: "{{ onlyoffice_base_path }}/{{ item }}/onlyoffice" # owner: "{{ onlyoffice_app_uid }}" # group: "{{ onlyoffice_app_gid }}" # state: directory - name: add group for onlyoffice db group: name: oo-db gid: "{{ onlyoffice_db_gid }}" - name: add user for onlyoffice db user: name: oo-db uid: "{{ onlyoffice_db_uid }}" group: oo-db password: "!" - name: create onlyoffice database subdirectory loop: "{{ onlyoffice_instances | dict2items}}" loop_control: label: "{{ item.key }}" file: path: "{{ onlyoffice_base_path }}/{{ item.key }}/postgres" owner: "{{ onlyoffice_db_uid }}" group: "{{ onlyoffice_db_gid }}" state: directory # TODO: run documentserver components as non-root # - name: add group for onlyoffice aqmp # group: # name: oo-aqmp # gid: "{{ onlyoffice_aqmp_gid }}" # - name: add user for onlyoffice aqmp # user: # name: oo-aqmp # uid: "{{ onlyoffice_aqmp_uid }}" # group: oo-aqmp # password: "!" # - name: create onlyoffice aqmp subdirectory # loop: "{{ onlyoffice_instances | list }}" # file: # path: "{{ onlyoffice_base_path }}/{{ item }}/onlyoffice" # owner: "{{ onlyoffice_aqmp_uid }}" # group: "{{ onlyoffice_aqmp_gid }}" # state: directory # TODO: AQMP config? # - name: create onlyoffice rabbitmq subdirectory # loop: "{{ onlyoffice_instances | dict2items}}" # loop_control: # label: "{{ item.key }}" # file: # path: "{{ onlyoffice_base_path }}/{{ item.key }}/rabbitmq" # state: directory # - name: install rabbitmq config snipped # loop: "{{ onlyoffice_instances | dict2items}}" # loop_control: # label: "{{ item.key }}" # copy: # dest: "{{ onlyoffice_base_path }}/{{ item.key }}/rabbitmq/config" # content: | # management.tcp.ip = 127.0.0.1 - name: install pod manifest loop: "{{ onlyoffice_instances | dict2items }}" loop_control: label: "{{ item.key }}" vars: kubernetes_standalone_pod: name: "onlyoffice-{{ item.key }}" spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" mode: "0600" # TODO: AQMP config? # config_hash_items: # - path: "{{ onlyoffice_base_path }}/{{ item.key }}/rabbitmq/config" # properties: # - checksum include_role: name: kubernetes/standalone/pod - name: configure nginx vhost loop: "{{ onlyoffice_instances | dict2items }}" loop_control: label: "{{ item.key }}" vars: nginx_vhost: name: "onlyoffice-{{ item.key }}" template: generic-proxy-no-buffering-with-acme acme: true hostnames: - "{{ item.value.hostname }}" locations: '/': proxy_pass: "http://127.0.0.1:{{ item.value.port }}" extra_directives: |- client_max_body_size 0; include_role: name: nginx/vhost