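---
# Host-side preparation for one Nextcloud instance: storage volume, dedicated
# service accounts and the data directories that are handed to the pod.
# NOTE(review): the indentation below was reconstructed from a
# whitespace-collapsed listing; confirm the nesting against the original file.

- name: prepare storage volume for nextcloud
  vars:
    storage_volume: "{{ elevate_media_nextcloud_storage | combine({'dest': elevate_media_nextcloud_base_path}) }}"
  include_role:
    name: "storage/{{ elevate_media_nextcloud_storage.type }}/volume"

# NOTE(review): no mode is set here, so the permissions of the Nextcloud data
# directory depend on the umask in effect. Pin one once it is clear which
# accounts besides the share uid/gid need access.
- name: create nextcloud app subdirectory
  file:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/nextcloud"
    owner: "{{ elevate_media_share_uid }}"
    group: "{{ elevate_media_share_gid }}"
    state: directory

- name: add group for nextcloud db
  group:
    name: nc-db
    gid: "{{ elevate_media_nextcloud_db_gid }}"

# password "!" stores a locked password, so the account cannot be used for
# password logins.
- name: add user for nextcloud db
  user:
    name: nc-db
    uid: "{{ elevate_media_nextcloud_db_uid }}"
    group: nc-db
    password: "!"

# Explicit mode: without it the database directory inherits the umask default
# and may end up listable by every local account.
# NOTE(review): 0750 assumes only the nc-db uid/gid reads this path; verify
# against the pod spec.
- name: create nextcloud database subdirectory
  file:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/{{ elevate_media_nextcloud_instance.database.type }}"
    owner: "{{ elevate_media_nextcloud_db_uid }}"
    group: "{{ elevate_media_nextcloud_db_gid }}"
    mode: "0750"
    state: directory

- name: add group for nextcloud redis
  group:
    name: nc-redis
    gid: "{{ elevate_media_nextcloud_redis_gid }}"

# Locked password, as for nc-db.
- name: add user for nextcloud redis
  user:
    name: nc-redis
    uid: "{{ elevate_media_nextcloud_redis_uid }}"
    group: nc-redis
    password: "!"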
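# NOTE(review): the indentation in this section was reconstructed from a
# whitespace-collapsed listing; confirm the nesting of the role variables
# (kubernetes_standalone_pod, nginx_vhost) against the roles' own defaults.

# Task name corrected: this creates the redis directory, not the database one.
# NOTE(review): 0750 assumes only the nc-redis uid/gid reads this path; verify
# against the pod spec.
- name: create nextcloud redis subdirectory
  file:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/redis"
    owner: "{{ elevate_media_nextcloud_redis_uid }}"
    group: "{{ elevate_media_nextcloud_redis_gid }}"
    mode: "0750"
    state: directory

# Modes on the config directory and its files are pinned to what a 022 umask
# would produce, so the result no longer depends on the umask of the run.
- name: create auxiliary config directory
  file:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config"
    mode: "0755"
    state: directory

- name: create apache vhost config
  template:
    src: nextcloud-apache-site.conf.j2
    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf"
    mode: "0644"

- name: configure apache to run on port 8080 only
  copy:
    content: |
      Listen 8080
    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf"
    mode: "0644"

- name: build custom image
  include_tasks: nextcloud-custom-image.yml

# The manifest is written with mode 0600. The template name is built with `~`
# concatenation instead of a `{{ }}` nested inside the Jinja string constant,
# which is not reliably expanded.
- name: install pod manifest
  vars:
    kubernetes_standalone_pod:
      name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}"
      spec: "{{ lookup('template', 'nextcloud-pod-spec-with-' ~ elevate_media_nextcloud_instance.database.type ~ '.yml.j2') }}"
      mode: "0600"
      config_hash_items:
        - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/apache-site.conf"
          properties:
            - checksum
        - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/ports.conf"
          properties:
            - checksum
        - path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/build/Dockerfile"
          properties:
            - checksum
  include_role:
    name: kubernetes/standalone/pod

# File modes are quoted so they are read as the intended octal string.
- name: install cron trigger script
  template:
    src: nextcloud-run-cron.sh.j2
    dest: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/run-cron.sh"
    mode: "0755"

- name: install template systemd unit for cron trigger
  template:
    src: nextcloud-cron@.service.j2
    dest: /etc/systemd/system/nextcloud-cron@.service
    mode: "0644"

- name: install systemd timer unit
  template:
    src: nextcloud-cron-.timer.j2
    dest: "/etc/systemd/system/nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer"
    mode: "0644"

- name: start/enable cron trigger systemd timer
  systemd:
    daemon_reload: true
    name: "nextcloud-cron-{{ elevate_media_nextcloud_instance_name }}.timer"
    state: started
    enabled: true

# TLS-terminating reverse proxy in front of the pod, which listens on
# 127.0.0.1 only. The proxy_redirect rules rewrite http:// redirects issued by
# the backend to https://.
# NOTE(review): `client_max_body_size 0` disables nginx's request body limit,
# so upload size is presumably bounded only by the backend; confirm that is
# intended.
- name: configure nginx vhost
  vars:
    nginx_vhost:
      name: "nextcloud-{{ elevate_media_nextcloud_instance_name }}"
      template: generic
      tls:
        certificate_provider: "{{ acme_client }}"
      hostnames: "{{ elevate_media_nextcloud_instance.hostnames }}"
      locations:
        '/':
          proxy_pass: "http://127.0.0.1:{{ elevate_media_nextcloud_instance.port }}"
          proxy_redirect:
            - redirect: "http://$host/"
              replacement: "https://$host/"
            - redirect: "http://$host:8080/"
              replacement: "https://$host/"
          extra_directives: |-
            client_max_body_size 0;
            types {
              text/javascript js mjs;
            }
  include_role:
    name: nginx/vhost

- name: install management scripts
  loop:
    - nextcloud-upgrade
    - nextcloud-occ
  template:
    src: "{{ item }}.j2"
    dest: "/usr/local/bin/{{ item }}"
    mode: "0755"

### TODO: proper way to wait for app and database pods to become ready!!!
# Polls `occ status` (up to 10 tries, 5 s apart) until the command succeeds.
# argv form passes the instance name as one argument without shell-style
# quoting.
- name: fetch status of nextcloud instance
  check_mode: false
  command:
    argv:
      - nextcloud-occ
      - "{{ elevate_media_nextcloud_instance_name }}"
      - status
      - "-n"
      - "--no-warnings"
      - "--output"
      - json
  environment:
    NEXTCLOUD_OCC_NON_INTERACTIVE: "1"
  changed_when: false
  register: nextcloud_status
  until: "nextcloud_status is not failed"
  retries: 10
  delay: 5

# Replaces the registered command result with the parsed JSON status.
- name: parse status of nextcloud instance
  set_fact:
    nextcloud_status: "{{ nextcloud_status.stdout | from_json }}"

### TODO: hardcoded database type (mariadb/mysql)...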
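# Runs the one-time Nextcloud installer when `occ status` reported the instance
# as not installed.
# NOTE(review): the indentation below was reconstructed from a
# whitespace-collapsed listing; confirm it against the original file.
- name: run nextcloud installer
  when: not nextcloud_status.installed
  # argv form: each value is passed as exactly one argument, so a password
  # containing quotes or spaces can neither break nor extend the command line.
  # NOTE(review): the passwords are still visible in the host's process list
  # while the command runs.
  command:
    argv:
      - nextcloud-occ
      - "{{ elevate_media_nextcloud_instance_name }}"
      - "maintenance:install"
      - "-n"
      - "--database=mysql"
      - "--database-name=nextcloud"
      - "--database-host=127.0.0.1"
      - "--database-user=nextcloud"
      - "--database-pass={{ elevate_media_nextcloud_instance.database.password }}"
      - "--admin-user={{ elevate_media_nextcloud_instance.admin.username }}"
      - "--admin-pass={{ elevate_media_nextcloud_instance.admin.password }}"
  environment:
    NEXTCLOUD_OCC_NON_INTERACTIVE: "1"
  # Keeps the rendered command (both passwords) and the installer output out of
  # Ansible's console and log output. The registered variable stays usable.
  no_log: true
  register: nextcloud_installer_output

### TODO: call these commands
# NOTE(review): once these become tasks, the redis password step needs
# `no_log: true` as well.
## nextcloud-occ media.elev8.at config:system:set trusted_domains 0 --value='media.elev8.at'
## nextcloud-occ media.elev8.at config:system:set overwriteprotocol --value='https'
## nextcloud-occ media.elev8.at config:system:set overwrite.cli.url --value='https://media.elev8.at'
## nextcloud-occ media.elev8.at config:system:set default_phone_region --value='at'
## nextcloud-occ media.elev8.at config:system:set memcache.locking --value '\OC\Memcache\Redis'
## nextcloud-occ media.elev8.at config:system:set redis host --value '127.0.0.1'
## nextcloud-occ media.elev8.at config:system:set redis port --type integer --value 6379
## nextcloud-occ media.elev8.at config:system:set redis timeout --type float --value 0.0
## nextcloud-occ media.elev8.at config:system:set redis password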