2020-02-05 20:23:20 -06:00
|
|
|
#!/usr/bin/ansible-playbook
|
|
|
|
|
# vim:ft=ansible:
|
|
|
|
|
---
|
|
|
|
|
- name: Install, configure, and start Nextcloud
|
|
|
|
|
block:
|
|
|
|
|
- name: Install Nextcloud-required packages
|
|
|
|
|
apt:
|
2020-04-18 03:15:41 -05:00
|
|
|
name:
|
|
|
|
|
- php-imagick
|
2020-06-26 23:48:41 -05:00
|
|
|
- php-redis
|
2020-08-15 15:33:02 -05:00
|
|
|
- php-pgsql
|
2020-09-18 03:56:47 -05:00
|
|
|
- php-bcmath
|
|
|
|
|
- php-gmp
|
2020-06-26 23:48:41 -05:00
|
|
|
notify: restart apache
|
2020-08-15 15:33:02 -05:00
|
|
|
- name: Set up PostgreSQL
|
|
|
|
|
block:
|
|
|
|
|
- name: Create DB user
|
|
|
|
|
postgresql_user:
|
|
|
|
|
name: nextcloud
|
|
|
|
|
password: "{{ nextcloud.db.pass }}"
|
|
|
|
|
login_host: "{{ nextcloud.db.hostname }}"
|
|
|
|
|
login_user: "{{ psql.ansible.user }}"
|
|
|
|
|
login_password: "{{ psql.ansible.pass }}"
|
|
|
|
|
- name: Create DB
|
|
|
|
|
postgresql_db:
|
|
|
|
|
name: nextcloud
|
|
|
|
|
owner: nextcloud
|
|
|
|
|
encoding: UNICODE
|
|
|
|
|
login_host: "{{ nextcloud.db.hostname }}"
|
|
|
|
|
login_user: "{{ psql.ansible.user }}"
|
|
|
|
|
login_password: "{{ psql.ansible.pass }}"
|
|
|
|
|
tags: [ postgresql ]
|
2020-02-05 21:54:30 -06:00
|
|
|
- name: Set up Apache
|
|
|
|
|
block:
|
|
|
|
|
- name: Create webroot
|
|
|
|
|
file:
|
2020-02-05 22:09:35 -06:00
|
|
|
path: "{{ nextcloud_webroot }}"
|
2020-05-06 00:31:49 -05:00
|
|
|
mode: "0750"
|
2020-02-05 21:54:30 -06:00
|
|
|
state: directory
|
|
|
|
|
- name: Check for existing installation
|
|
|
|
|
stat:
|
2020-02-05 22:09:35 -06:00
|
|
|
path: "{{ nextcloud_webroot }}/index.html"
|
2020-02-05 21:54:30 -06:00
|
|
|
register: stat_webroot_index
|
|
|
|
|
- name: Install Nextcloud
|
|
|
|
|
block:
|
|
|
|
|
- name: Download Nextcloud
|
|
|
|
|
get_url:
|
2020-02-05 21:56:33 -06:00
|
|
|
dest: /var/www/nextcloud.tar.bz2
|
|
|
|
|
url: "{{ nextcloud_tarbz2 }}"
|
2020-02-05 21:54:30 -06:00
|
|
|
- name: Extract Nextcloud
|
|
|
|
|
unarchive:
|
2020-02-05 21:58:04 -06:00
|
|
|
src: /var/www/nextcloud.tar.bz2
|
|
|
|
|
remote_src: yes
|
2020-02-05 22:09:35 -06:00
|
|
|
dest: "{{ nextcloud_webroot }}"
|
2020-02-05 21:54:30 -06:00
|
|
|
extra_opts: [--strip-components=1]
|
2020-02-26 18:53:20 -06:00
|
|
|
notify: restart apache
|
2020-02-05 22:48:21 -06:00
|
|
|
- name: Chown webroot
|
2020-02-06 00:20:43 -06:00
|
|
|
# Nextcloud docs say Apache needs write access, so it gets write access
|
2020-02-05 22:48:21 -06:00
|
|
|
file:
|
|
|
|
|
path: "{{ nextcloud_webroot }}"
|
|
|
|
|
state: directory
|
|
|
|
|
recurse: yes
|
2020-02-06 00:20:43 -06:00
|
|
|
owner: www-data
|
|
|
|
|
group: www-data
|
2020-02-05 21:54:30 -06:00
|
|
|
- name: Cleanup
|
|
|
|
|
file:
|
2020-02-05 22:12:56 -06:00
|
|
|
path: /var/www/nextcloud.tar.bz2
|
2020-02-05 21:54:30 -06:00
|
|
|
state: absent
|
|
|
|
|
when: not stat_webroot_index.stat.exists
|
2020-08-15 05:11:50 -05:00
|
|
|
- name: Create data directory
|
|
|
|
|
file:
|
|
|
|
|
path: "/var/nextcloud"
|
|
|
|
|
state: directory
|
|
|
|
|
mode: 0700
|
|
|
|
|
owner: www-data
|
|
|
|
|
group: www-data
|
|
|
|
|
- name: Set up EFS mount
|
|
|
|
|
block:
|
|
|
|
|
- name: Install required packages
|
|
|
|
|
apt:
|
|
|
|
|
name:
|
|
|
|
|
- nfs-client
|
|
|
|
|
- name: Create EFS
|
|
|
|
|
efs:
|
|
|
|
|
name: "{{ nextcloud.efs.name }}"
|
|
|
|
|
encrypt: yes
|
|
|
|
|
region: "{{ nextcloud.efs.region }}"
|
|
|
|
|
targets:
|
|
|
|
|
- subnet_id: "{{ nextcloud.efs.subnet_id }}"
|
|
|
|
|
security_groups: [ "{{ nextcloud.efs.security_group }}" ]
|
|
|
|
|
register: efs
|
|
|
|
|
- name: Mount EFS
|
|
|
|
|
mount:
|
|
|
|
|
path: /var/nextcloud
|
|
|
|
|
src: "{{ efs.efs.filesystem_address }}"
|
|
|
|
|
fstype: nfs4
|
|
|
|
|
opts: "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport"
|
|
|
|
|
state: mounted
|
|
|
|
|
when : nextcloud.efs.name is defined
|
|
|
|
|
tags: [ nextcloudefs ]
|
2020-05-06 00:31:49 -05:00
|
|
|
- name: Assert permissions
|
|
|
|
|
block:
|
|
|
|
|
- name: Tighten config.php
|
|
|
|
|
file:
|
|
|
|
|
path: "{{ nextcloud_webroot }}/config/config.php"
|
2020-05-06 23:22:35 -05:00
|
|
|
mode: "0640"
|
2020-05-06 00:31:49 -05:00
|
|
|
- name: Loosen occ
|
|
|
|
|
file:
|
|
|
|
|
path: "{{ nextcloud_webroot }}/occ"
|
|
|
|
|
mode: "0755"
|
2020-02-06 03:44:37 -06:00
|
|
|
- name: Set up Nextcloud cronjob
|
|
|
|
|
cron:
|
|
|
|
|
user: www-data
|
|
|
|
|
name: "nextcloud-cron"
|
2020-02-06 03:47:10 -06:00
|
|
|
minute: "*/5"
|
2020-02-06 04:05:34 -06:00
|
|
|
job: 'php -f "{{ nextcloud_webroot }}/cron.php"'
|
2020-02-20 05:28:39 -06:00
|
|
|
- name: Copy over virtual host configs
|
|
|
|
|
template:
|
|
|
|
|
src: apache2-vhost-ssl.conf
|
2020-08-02 19:43:08 -05:00
|
|
|
dest: "/etc/apache2/sites-available/{{ nextcloud.url }}.conf"
|
2020-02-27 05:16:02 -06:00
|
|
|
notify: restart apache
|
|
|
|
|
- name: Enable config
|
|
|
|
|
command:
|
2020-08-02 19:43:08 -05:00
|
|
|
cmd: "a2ensite {{ nextcloud.url }}.conf"
|
|
|
|
|
creates: "/etc/apache2/sites-enabled/{{ nextcloud.url }}.conf"
|
2020-02-26 18:53:20 -06:00
|
|
|
notify: restart apache
|
2020-02-20 05:28:39 -06:00
|
|
|
- name: Generate certificate
|
|
|
|
|
include_role:
|
|
|
|
|
name: https
|
|
|
|
|
vars:
|
2020-08-02 19:43:08 -05:00
|
|
|
website_url: "{{ nextcloud.url }}"
|
2020-02-20 05:28:39 -06:00
|
|
|
website_webroot: "{{ nextcloud_webroot }}"
|
2020-05-06 01:59:17 -05:00
|
|
|
- name: Template out backup module
|
|
|
|
|
template:
|
|
|
|
|
src: "backup.sh"
|
2020-08-02 19:43:08 -05:00
|
|
|
dest: "/opt/backups/modules/{{ nextcloud.url }}.sh"
|
2020-05-06 01:59:17 -05:00
|
|
|
mode: "0600"
|
2020-02-05 21:13:04 -06:00
|
|
|
become: yes
|
