ansible/roles/nextcloud/tasks/main.yml

#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Install, configure, and start Nextcloud
  block:
  - name: Install Nextcloud-required packages
    apt:
      name:
        - php-imagick
  - name: Set up MySQL
    block:
      - name: Create database
        mysql_db:
          name: nextcloud
          login_user: root
          login_password: "{{ mysql_root_password }}"
          state: present
      - name: Create Nextcloud user
        mysql_user:
          name: nextcloud
          host: localhost
          password: "{{ nextcloud_mysql_password }}"
          priv: "nextcloud.*:ALL,GRANT"
          login_user: root
          login_password: "{{ mysql_root_password }}"
  - name: Set up Apache
    block:
      - name: Create webroot
        file:
          path: "{{ nextcloud_webroot }}"
          mode: "0750"
          state: directory
      - name: Check for existing installation
        stat:
          path: "{{ nextcloud_webroot }}/index.html"
        register: stat_webroot_index
      - name: Install Nextcloud
        block:
          - name: Download Nextcloud
            get_url:
              dest: /var/www/nextcloud.tar.bz2
              url: "{{ nextcloud_tarbz2 }}"
          - name: Extract Nextcloud
            unarchive:
              src: /var/www/nextcloud.tar.bz2
              remote_src: yes
              dest: "{{ nextcloud_webroot }}"
              extra_opts: [--strip-components=1]
            notify: restart apache
          - name: Create data directory
            file:
              path: "/var/nextcloud"
              state: directory
              mode: 0700
              owner: www-data
              group: www-data
          - name: Chown webroot
            # Nextcloud docs say Apache needs write access, so it gets write access
            file:
              path: "{{ nextcloud_webroot }}"
              state: directory
              recurse: yes
              owner: www-data
              group: www-data
          - name: Cleanup
            file:
              path: /var/www/nextcloud.tar.bz2
              state: absent
        when: not stat_webroot_index.stat.exists
      - name: Assert permissions
        block:
          - name: Tighten config.php
            file:
              path: "{{ nextcloud_webroot }}/config/config.php"
              mode: "0640"
          - name: Loosen occ
            file:
              path: "{{ nextcloud_webroot }}/occ"
              mode: "0755"
      - name: Set up Nextcloud cronjob
        cron:
          user: www-data
          name: "nextcloud-cron"
          minute: "*/5"
          job: 'php -f "{{ nextcloud_webroot }}/cron.php"'
  - name: Copy over virtual host configs
    template:
      src: apache2-vhost-ssl.conf
      dest: "/etc/apache2/sites-available/{{ nextcloud_url }}.conf"
    notify: restart apache
  - name: Enable config
    command:
      cmd: "a2ensite {{ nextcloud_url }}.conf"
      creates: "/etc/apache2/sites-enabled/{{ nextcloud_url }}.conf"
    notify: restart apache
  - name: Generate certificate
    include_role:
      name: https
    vars:
      website_url: "{{ nextcloud_url }}"
      website_webroot: "{{ nextcloud_webroot }}"
  - name: Template out backup module
    template:
      src: "backup.sh"
      dest: "/opt/backups/modules/{{ nextcloud_url }}.sh"
      mode: "0600"
  become: yes
Add disfunctional Nextcloud role 2020-02-05 20:23:20 -06:00			`#!/usr/bin/ansible-playbook`
			`# vim:ft=ansible:`
			`---`
			`- name: Install, configure, and start Nextcloud`
			`block:`
			`- name: Install Nextcloud-required packages`
			`apt:`
Make nextcloud role less verbose 2020-04-18 03:15:41 -05:00			`name:`
			`- php-imagick`
Set up a database for nextcloud 2020-02-05 23:56:41 -06:00			`- name: Set up MySQL`
			`block:`
			`- name: Create database`
			`mysql_db:`
Change nextcloud db name 2020-02-06 01:42:12 -06:00			`name: nextcloud`
Set up a database for nextcloud 2020-02-05 23:56:41 -06:00			`login_user: root`
			`login_password: "{{ mysql_root_password }}"`
			`state: present`
			`- name: Create Nextcloud user`
			`mysql_user:`
			`name: nextcloud`
			`host: localhost`
			`password: "{{ nextcloud_mysql_password }}"`
Add php configs, also add an unused mysql config 2020-02-06 03:17:15 -06:00			`priv: "nextcloud.*:ALL,GRANT"`
Set up a database for nextcloud 2020-02-05 23:56:41 -06:00			`login_user: root`
			`login_password: "{{ mysql_root_password }}"`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`- name: Set up Apache`
			`block:`
			`- name: Create webroot`
			`file:`
Refactor variable names, get SSL ready 2020-02-05 22:09:35 -06:00			`path: "{{ nextcloud_webroot }}"`
Assert more specific permissions with Nextcloud 2020-05-06 00:31:49 -05:00			`mode: "0750"`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`state: directory`
			`- name: Check for existing installation`
			`stat:`
Refactor variable names, get SSL ready 2020-02-05 22:09:35 -06:00			`path: "{{ nextcloud_webroot }}/index.html"`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`register: stat_webroot_index`
			`- name: Install Nextcloud`
			`block:`
			`- name: Download Nextcloud`
			`get_url:`
Use an archive Nextcloud actually provides 2020-02-05 21:56:33 -06:00			`dest: /var/www/nextcloud.tar.bz2`
			`url: "{{ nextcloud_tarbz2 }}"`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`- name: Extract Nextcloud`
			`unarchive:`
Use remote_src PROPERLY 2020-02-05 21:58:04 -06:00			`src: /var/www/nextcloud.tar.bz2`
			`remote_src: yes`
Refactor variable names, get SSL ready 2020-02-05 22:09:35 -06:00			`dest: "{{ nextcloud_webroot }}"`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`extra_opts: [--strip-components=1]`
Use handlers for Apache restarts, reorganize Minecraft tasks 2020-02-26 18:53:20 -06:00			`notify: restart apache`
Fix permissions on Nextcloud webroot 2020-02-06 00:20:43 -06:00			`- name: Create data directory`
			`file:`
Create more appropriate Nextcloud directory 2020-02-06 00:53:47 -06:00			`path: "/var/nextcloud"`
Fix permissions on Nextcloud webroot 2020-02-06 00:20:43 -06:00			`state: directory`
Create more appropriate Nextcloud directory 2020-02-06 00:53:47 -06:00			`mode: 0700`
			`owner: www-data`
			`group: www-data`
Fix some bad Apache configs, set up ability for apache to nab its keys Getting there, step by step 2020-02-05 22:48:21 -06:00			`- name: Chown webroot`
Fix permissions on Nextcloud webroot 2020-02-06 00:20:43 -06:00			`# Nextcloud docs say Apache needs write access, so it gets write access`
Fix some bad Apache configs, set up ability for apache to nab its keys Getting there, step by step 2020-02-05 22:48:21 -06:00			`file:`
			`path: "{{ nextcloud_webroot }}"`
			`state: directory`
			`recurse: yes`
Fix permissions on Nextcloud webroot 2020-02-06 00:20:43 -06:00			`owner: www-data`
			`group: www-data`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`- name: Cleanup`
			`file:`
Fix removing the wrong archive file 2020-02-05 22:12:56 -06:00			`path: /var/www/nextcloud.tar.bz2`
Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00			`state: absent`
			`when: not stat_webroot_index.stat.exists`
Assert more specific permissions with Nextcloud 2020-05-06 00:31:49 -05:00			`- name: Assert permissions`
			`block:`
			`- name: Tighten config.php`
			`file:`
			`path: "{{ nextcloud_webroot }}/config/config.php"`
Fix perms on config.php This is what NC sets it to every time I change it lol 2020-05-06 23:22:35 -05:00			`mode: "0640"`
Assert more specific permissions with Nextcloud 2020-05-06 00:31:49 -05:00			`- name: Loosen occ`
			`file:`
			`path: "{{ nextcloud_webroot }}/occ"`
			`mode: "0755"`
Set up Nextcloud cronjob 2020-02-06 03:44:37 -06:00			`- name: Set up Nextcloud cronjob`
			`cron:`
			`user: www-data`
			`name: "nextcloud-cron"`
Fix typo in cronjob minute 2020-02-06 03:47:10 -06:00			`minute: "*/5"`
Fix quoting on cronjob 2020-02-06 04:05:34 -06:00			`job: 'php -f "{{ nextcloud_webroot }}/cron.php"'`
Migrate nextcloud 2020-02-20 05:28:39 -06:00			`- name: Copy over virtual host configs`
			`template:`
			`src: apache2-vhost-ssl.conf`
Migrate domains, reorganize websites so that they actually leverage sites-available and sites-enabled 2020-02-27 05:16:02 -06:00			`dest: "/etc/apache2/sites-available/{{ nextcloud_url }}.conf"`
			`notify: restart apache`
			`- name: Enable config`
			`command:`
			`cmd: "a2ensite {{ nextcloud_url }}.conf"`
			`creates: "/etc/apache2/sites-enabled/{{ nextcloud_url }}.conf"`
Use handlers for Apache restarts, reorganize Minecraft tasks 2020-02-26 18:53:20 -06:00			`notify: restart apache`
Migrate nextcloud 2020-02-20 05:28:39 -06:00			`- name: Generate certificate`
			`include_role:`
			`name: https`
			`vars:`
			`website_url: "{{ nextcloud_url }}"`
			`website_webroot: "{{ nextcloud_webroot }}"`
Add backup script for Nextcloud 2020-05-06 01:59:17 -05:00			`- name: Template out backup module`
			`template:`
			`src: "backup.sh"`
			`dest: "/opt/backups/modules/{{ nextcloud_url }}.sh"`
			`mode: "0600"`
Create well-known directory So close now 2020-02-05 21:13:04 -06:00			`become: yes`