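#!/usr/bin/ansible-playbook
# vim:ft=ansible:
#
# Installs Nextcloud under Apache: PHP extensions, PostgreSQL role and
# database, the application tarball, an optional EFS-backed data directory,
# file permissions, the cron job, the TLS virtual host and a backup module.
#
# NOTE(review): this listing was recovered from a whitespace-collapsed copy.
# Task order is unchanged, but the placement of block-level keywords
# (tags, when, become) is reconstructed -- confirm against the original file.
---
- name: Install, configure, and start Nextcloud
  block:
    - name: Install Nextcloud-required packages
      apt:
        name:
          - php-imagick
          - php-redis
          - php-pgsql
          - php-bcmath
          - php-gmp
      notify: restart apache

    # Both tasks send credentials to the host named in nextcloud.db.hostname.
    # Keep nextcloud.db.pass and psql.ansible.pass in Ansible Vault (or another
    # secret store) rather than in plain-text vars.
    # NOTE(review): the postgresql_* modules default to ssl_mode=prefer, which
    # can fall back to an unencrypted connection; set a stricter ssl_mode if
    # the database is reached over an untrusted network.
    - name: Set up PostgreSQL
      block:
        - name: Create DB user
          postgresql_user:
            name: nextcloud
            password: "{{ nextcloud.db.pass }}"
            login_host: "{{ nextcloud.db.hostname }}"
            login_user: "{{ psql.ansible.user }}"
            login_password: "{{ psql.ansible.pass }}"

        - name: Create DB
          postgresql_db:
            name: nextcloud
            owner: nextcloud
            encoding: UNICODE
            login_host: "{{ nextcloud.db.hostname }}"
            login_user: "{{ psql.ansible.user }}"
            login_password: "{{ psql.ansible.pass }}"
      tags: [postgresql]

    - name: Set up Apache
      block:
        - name: Create webroot
          file:
            path: "{{ nextcloud_webroot }}"
            mode: "0750"
            state: directory

        # An index.html in the webroot is treated as "already installed";
        # the download/extract/chown block below is skipped in that case.
        - name: Check for existing installation
          stat:
            path: "{{ nextcloud_webroot }}/index.html"
          register: stat_webroot_index

        - name: Install Nextcloud
          block:
            # The archive is unpacked into the webroot and then executed by
            # PHP, so its integrity matters. Set nextcloud_tarbz2_checksum
            # (format "sha256:<digest published with the release>") to have
            # get_url verify the download; when the variable is undefined
            # the parameter is omitted and the download is unverified.
            - name: Download Nextcloud
              get_url:
                dest: /var/www/nextcloud.tar.bz2
                url: "{{ nextcloud_tarbz2 }}"
                checksum: "{{ nextcloud_tarbz2_checksum | default(omit) }}"

            - name: Extract Nextcloud
              unarchive:
                src: /var/www/nextcloud.tar.bz2
                remote_src: true
                dest: "{{ nextcloud_webroot }}"
                extra_opts: ['--strip-components=1']
              notify: restart apache

            - name: Chown webroot
              # Nextcloud docs say Apache needs write access, so it gets write access
              # Trade-off: the web server user can then modify the application
              # code it executes, so a compromised PHP process can persist there.
              file:
                path: "{{ nextcloud_webroot }}"
                state: directory
                recurse: true
                owner: www-data
                group: www-data

            - name: Cleanup
              file:
                path: /var/www/nextcloud.tar.bz2
                state: absent
          when: not stat_webroot_index.stat.exists

    # Data directory lives outside the webroot and is private to www-data.
    - name: Create data directory
      file:
        path: "/var/nextcloud"
        state: directory
        mode: "0700"
        owner: www-data
        group: www-data

    # Only runs when an EFS name is configured.
    - name: Set up EFS mount
      block:
        - name: Install required packages
          apt:
            name:
              - nfs-client

        # encrypt covers data at rest on the file system only.
        - name: Create EFS
          efs:
            name: "{{ nextcloud.efs.name }}"
            encrypt: true
            region: "{{ nextcloud.efs.region }}"
            targets:
              - subnet_id: "{{ nextcloud.efs.subnet_id }}"
                security_groups: ["{{ nextcloud.efs.security_group }}"]
          register: efs

        # NOTE(review): a plain nfs4 mount carries user data unencrypted in
        # transit; EFS in-transit encryption needs the EFS mount helper with
        # its tls option. Access is limited only by the security group above.
        - name: Mount EFS
          mount:
            path: /var/nextcloud
            src: "{{ efs.efs.filesystem_address }}"
            fstype: nfs4
            opts: "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport"
            state: mounted
      when: nextcloud.efs.name is defined
      tags: [nextcloudefs]

    - name: Assert permissions
      block:
        # config.php holds the database password and instance secrets, so it
        # is not world-readable.
        # NOTE(review): config.php is written by Nextcloud's own installer; on
        # a host where setup has not run yet the path may be missing and this
        # task would fail -- confirm the intended ordering.
        - name: Tighten config.php
          file:
            path: "{{ nextcloud_webroot }}/config/config.php"
            mode: "0640"

        - name: Loosen occ
          file:
            path: "{{ nextcloud_webroot }}/occ"
            mode: "0755"

    # Background jobs run as the web server user every five minutes.
    - name: Set up Nextcloud cronjob
      cron:
        user: www-data
        name: "nextcloud-cron"
        minute: "*/5"
        job: 'php -f "{{ nextcloud_webroot }}/cron.php"'

    - name: Copy over virtual host configs
      template:
        src: apache2-vhost-ssl.conf
        dest: "/etc/apache2/sites-available/{{ nextcloud.url }}.conf"
      notify: restart apache

    # command (not shell) is used, so nextcloud.url is passed as an argument
    # and never interpreted by a shell; creates keeps the task idempotent.
    - name: Enable config
      command:
        cmd: "a2ensite {{ nextcloud.url }}.conf"
        creates: "/etc/apache2/sites-enabled/{{ nextcloud.url }}.conf"
      notify: restart apache

    - name: Generate certificate
      include_role:
        name: https
      vars:
        website_url: "{{ nextcloud.url }}"
        website_webroot: "{{ nextcloud_webroot }}"

    # The rendered backup script is readable and writable by its owner only.
    - name: Template out backup module
      template:
        src: "backup.sh"
        dest: "/opt/backups/modules/{{ nextcloud.url }}.sh"
        mode: "0600"
  # Every task in the block runs with privilege escalation.
  become: true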