ansible/roles/nextcloud/tasks/main.yml

107 lines
3.4 KiB
YAML
Raw Normal View History

2020-02-05 20:23:20 -06:00
#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Install, configure, and start Nextcloud
block:
- name: Install Nextcloud-required packages
apt:
name: "{{ packages }}"
vars:
packages:
2020-02-05 21:54:30 -06:00
- php-imagick
2020-02-05 23:56:41 -06:00
- name: Set up MySQL
block:
- name: Create database
mysql_db:
2020-02-06 01:42:12 -06:00
name: nextcloud
2020-02-05 23:56:41 -06:00
login_user: root
login_password: "{{ mysql_root_password }}"
state: present
- name: Create Nextcloud user
mysql_user:
name: nextcloud
host: localhost
password: "{{ nextcloud_mysql_password }}"
priv: "nextcloud.*:ALL,GRANT"
2020-02-05 23:56:41 -06:00
login_user: root
login_password: "{{ mysql_root_password }}"
2020-02-05 21:54:30 -06:00
- name: Set up Apache
block:
- name: Create webroot
file:
2020-02-05 22:09:35 -06:00
path: "{{ nextcloud_webroot }}"
2020-02-05 22:14:35 -06:00
mode: "0755"
2020-02-05 21:54:30 -06:00
recurse: yes
state: directory
- name: Check for existing installation
stat:
2020-02-05 22:09:35 -06:00
path: "{{ nextcloud_webroot }}/index.html"
2020-02-05 21:54:30 -06:00
register: stat_webroot_index
- name: Install Nextcloud
block:
- name: Download Nextcloud
get_url:
dest: /var/www/nextcloud.tar.bz2
url: "{{ nextcloud_tarbz2 }}"
2020-02-05 21:54:30 -06:00
- name: Extract Nextcloud
unarchive:
2020-02-05 21:58:04 -06:00
src: /var/www/nextcloud.tar.bz2
remote_src: yes
2020-02-05 22:09:35 -06:00
dest: "{{ nextcloud_webroot }}"
2020-02-05 21:54:30 -06:00
extra_opts: [--strip-components=1]
2020-02-06 00:20:43 -06:00
- name: Create data directory
file:
path: "/var/nextcloud"
2020-02-06 00:20:43 -06:00
state: directory
mode: 0700
owner: www-data
group: www-data
- name: Chown webroot
2020-02-06 00:20:43 -06:00
# Nextcloud docs say Apache needs write access, so it gets write access
file:
path: "{{ nextcloud_webroot }}"
state: directory
recurse: yes
2020-02-06 00:20:43 -06:00
owner: www-data
group: www-data
2020-02-05 21:54:30 -06:00
- name: Cleanup
file:
2020-02-05 22:12:56 -06:00
path: /var/www/nextcloud.tar.bz2
2020-02-05 21:54:30 -06:00
state: absent
when: not stat_webroot_index.stat.exists
2020-02-06 03:44:37 -06:00
- name: Set up Nextcloud cronjob
cron:
user: www-data
name: "nextcloud-cron"
2020-02-06 03:47:10 -06:00
minute: "*/5"
2020-02-06 04:05:34 -06:00
job: 'php -f "{{ nextcloud_webroot }}/cron.php"'
2020-02-05 20:23:20 -06:00
- name: Register certificates
block:
# Note: We copy over some insecure configs now
# Reason being there's no way for the https role to handle every site's
# configuration on its own. If it doesn't have to update the key, it
# won't reload Apache and our site will never actually see https downtime
- name: Configure insecure virtual host configs
template:
src: apache2-vhost.conf
dest: "/etc/apache2/sites-enabled/{{ nextcloud_url }}.conf"
- name: Generate certificate
include_role:
name: https
vars:
website_url: "{{ nextcloud_url }}"
website_webroot: "{{ nextcloud_webroot }}"
- name: Secure Apache
block:
# If we copied over http-only configs before, they get oblooterated now
- name: Copy over virtual host configs
template:
src: apache2-vhost-ssl.conf
dest: "/etc/apache2/sites-enabled/{{ nextcloud_url }}.conf"
- name: Reload Apache
service:
name: apache2
state: reloaded
2020-02-05 23:29:50 -06:00
enabled: true
become: yes