From bdaaf1336f989c3b9460ced235fd50702b9951e1 Mon Sep 17 00:00:00 2001 From: Salt Date: Sat, 15 Aug 2020 05:11:50 -0500 Subject: [PATCH] Move Nextcloud to an EFS mount --- inventory/group_vars/9iron.club.yml | 5 ++++ roles/nextcloud/tasks/main.yml | 38 +++++++++++++++++++++++------ 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/inventory/group_vars/9iron.club.yml b/inventory/group_vars/9iron.club.yml index 0e1698c..cd9aa65 100644 --- a/inventory/group_vars/9iron.club.yml +++ b/inventory/group_vars/9iron.club.yml @@ -108,6 +108,11 @@ nextcloud: 66373234633939393034353439393465663131303661393164303335336435653734613064663964 3332313764623133630a393731613236373837316437653265636663666261383135636662373566 61373135303632336237333836353764646639633735323566346366623766646266 + efs: + name: "9iron-nextcloud" + region: "us-east-2" + subnet_id: "subnet-852935ed" + security_group: "sg-4f4b692c" url: "nc.9iron.club" # Pleroma pleroma: diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index a4109b0..f7e8662 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -49,13 +49,6 @@ dest: "{{ nextcloud_webroot }}" extra_opts: [--strip-components=1] notify: restart apache - - name: Create data directory - file: - path: "/var/nextcloud" - state: directory - mode: 0700 - owner: www-data - group: www-data - name: Chown webroot # Nextcloud docs say Apache needs write access, so it gets write access file: @@ -69,6 +62,37 @@ path: /var/www/nextcloud.tar.bz2 state: absent when: not stat_webroot_index.stat.exists + - name: Create data directory + file: + path: "/var/nextcloud" + state: directory + mode: 0700 + owner: www-data + group: www-data + - name: Set up EFS mount + block: + - name: Install required packages + apt: + name: + - nfs-client + - name: Create EFS + efs: + name: "{{ nextcloud.efs.name }}" + encrypt: yes + region: "{{ nextcloud.efs.region }}" + targets: + - subnet_id: "{{ nextcloud.efs.subnet_id }}" + security_groups: [ "{{ nextcloud.efs.security_group }}" ] + register: efs + - name: Mount EFS + mount: + path: /var/nextcloud + src: "{{ efs.efs.filesystem_address }}" + fstype: nfs4 + opts: "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport" + state: mounted + when : nextcloud.efs.name is defined + tags: [ nextcloudefs ] - name: Assert permissions block: - name: Tighten config.php