#####################################
### someone's ansible provisioner ###
#####################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2024 by someone <someone@somenet.org>
#
---
#- name: create postgres-db and user
#  include_role:
#    name: util/postgres-db-usr
#  vars:
#    pg_data:
#      db_server_delegate: "{{nextcloud_db_server_delegate}}"
#      dbname: "{{nextcloud_db_name}}"
#      pw: "{{nextcloud_db_pw}}"
#  when: nextcloud_db_create | default('True')
# Load the nginx vhost snippets into the variable `vars_nginx_vhost_custom`.
# with_first_found uses the first candidate that exists, so the list runs from
# the most specific override (host + domain) down to the role default.
# The override paths are built from $PWD as seen by the lookup, so which file
# wins depends on the directory the play is started from.
- name: include vars_nginx_vhost_custom
  with_first_found:
    # domain-specific overrides: host, then group, then "all"
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/{{nextcloud_domain}}-vars_nginx_vhost_custom.yml"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/{{nextcloud_domain}}-vars_nginx_vhost_custom.yml"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/{{nextcloud_domain}}-vars_nginx_vhost_custom.yml"
    # role-wide overrides: host, then group, then "all"
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/vars_nginx_vhost_custom.yml"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/vars_nginx_vhost_custom.yml"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/vars_nginx_vhost_custom.yml"
    # fallback shipped with the role
    - "default/vars_nginx_vhost_custom.yml"
  include_vars:
    name: vars_nginx_vhost_custom
    file: "{{item}}"
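# Create the nginx + PHP vhost for the Nextcloud domain through the shared
# vhost role. The task used to be labelled "gitweb" (copy-paste leftover);
# the label now matches what the run output actually configures.
- name: configure nextcloud vhost
  include_role:
    name: server/nginx/vhost-unified
  vars:
    vhost_type: "custom+php"
    vhost_name: "{{nextcloud_domain}}"
    # Packages handed to the vhost role for this PHP vhost.
    vhost_php_custom:
      - "bzip2"
      - "php8.2-apcu"
      - "php8.2-bcmath"
      - "php8.2-pgsql"
      - "php8.2-curl"
      - "php8.2-gd"
      - "php8.2-gmp"
      - "php8.2-intl"
      - "php-imagick"
      - "php8.2-mbstring"
      - "php8.2-xml"
      - "php8.2-zip"
    # NOTE(review): the vhost role's dotfile protection is switched off here.
    # Presumably the custom snippet below carries its own deny rules for hidden
    # files - confirm, otherwise dotfiles under the webroot are served.
    vhost_dotfile_protection: false
    vhost_custom:
      vhost_custom_pre_server: "{{vars_nginx_vhost_custom.vhost_custom_pre_server}}"
      vhost_custom: "{{vars_nginx_vhost_custom.vhost_custom}}"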
# Make sure the Nextcloud data directory exists, owned by the web server user.
# Mode 0750 gives "other" no access at all.
- name: set up data-dir
  file:
    state: directory
    path: "{{nextcloud_data_dir_path}}"
    owner: "www-data"
    group: "www-data"
    # quoted so the mode is never re-typed as a number by the YAML parser
    mode: "0750"
# Fetch the release tarball and verify it against the configured checksum;
# get_url fails the task when the digest does not match.
# The result is registered as `download`: every later "when: download.changed"
# task runs only when a new archive was written.
# NOTE(review): the checksum is the only integrity control visible here. Its
# value is not on this page - confirm it is a literal digest kept in the
# inventory and that the download URL uses https.
- name: download nextcloud release and check checksums
  register: download
  tags:
    - "online"
  get_url:
    url: "{{nextcloud_download_url}}"
    checksum: "{{nextcloud_download_checksum}}"
    dest: "/var/www/{{nextcloud_domain}}-nextcloud.tar.bz2"
    owner: "www-data"
    group: "www-data"
    mode: "0640"
    timeout: 30
# Staging directory for the new release; it is moved over the live webroot
# further down. Only needed when a new archive was downloaded.
- name: set up new webroot-dir
  when: download.changed
  file:
    state: directory
    path: "/var/www/{{nextcloud_domain}}.tmp"
    owner: "www-data"
    group: "www-data"
    mode: "0750"
# Unpack the verified tarball into the staging directory. remote_src means the
# archive is read from the managed host, i.e. the file get_url just wrote;
# nothing is downloaded in this task despite its name.
- name: download and extract nextcloud files
  when: download.changed
  unarchive:
    remote_src: true
    src: "/var/www/{{nextcloud_domain}}-nextcloud.tar.bz2"
    dest: "/var/www/{{nextcloud_domain}}.tmp"
    owner: "www-data"
    group: "www-data"
    # no permissions for "other"; X adds execute only on directories and on
    # files that are already executable
    mode: "u=rwX,g=rX,o-rwx"
    extra_opts:
      # drop the archive's top-level directory
      - '--strip-components=1'
      - '--show-stored-names'
# Carry the live config.php over into the staged release so the upgrade keeps
# the existing instance configuration. `removes` skips the task when there is
# no config.php yet (first install).
- name: use existing config file
  when: download.changed
  args:
    removes: "/var/www/{{nextcloud_domain}}/config/config.php"
  command: "mv /var/www/{{nextcloud_domain}}/config/config.php /var/www/{{nextcloud_domain}}.tmp/config/"
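# Delete the previous webroot before the staged release is moved into place.
# Only config.php was carried over by the preceding task; everything else in
# the old tree is discarded.
- name: remove old files
  file:
    path: "/var/www/{{nextcloud_domain}}"
    state: absent
  when:
    - download.changed
    # Guard the recursive delete: with an empty nextcloud_domain the path
    # above would be "/var/www/" itself.
    - nextcloud_domain | length > 0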
# Promote the staging directory to the live webroot. `creates` makes this a
# no-op when the destination already exists.
- name: move newly extracted files to destination
  when: download.changed
  args:
    creates: "/var/www/{{nextcloud_domain}}"
  command: "mv /var/www/{{nextcloud_domain}}.tmp /var/www/{{nextcloud_domain}}"
# Clean up the staging directory in case the move above was skipped and it is
# still present.
- name: remove possibly left over files
  when: download.changed
  file:
    state: absent
    path: "/var/www/{{nextcloud_domain}}.tmp"
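# First-time installation through occ, run as www-data from the webroot.
# `creates` skips the task when config.php already exists, i.e. on upgrades
# where the previous config was carried over.
- name: install nextcloud
  become: true
  become_user: "www-data"
  # The argument list contains the database and admin passwords. no_log keeps
  # the rendered task out of Ansible's output and logging; the price is that a
  # failing install shows no details either.
  # The passwords are still visible in the host's process list while occ runs.
  no_log: true
  command:
    # argv hands every value to php as exactly one argument, so a password
    # containing spaces or quote characters is not split or mangled.
    argv:
      - "php"
      - "occ"
      - "maintenance:install"
      - "--database=pgsql"
      - "--database-host={{nextcloud_db_host}}"
      - "--database-name={{nextcloud_db_name}}"
      # NOTE(review): the database user is taken from nextcloud_db_name -
      # presumably the role uses one name for both; confirm.
      - "--database-user={{nextcloud_db_name}}"
      - "--database-pass={{nextcloud_db_pw}}"
      - "--admin-user={{nextcloud_admin_user}}"
      - "--admin-pass={{nextcloud_admin_pw}}"
      - "--data-dir={{nextcloud_data_dir_path}}/data"
    chdir: "/var/www/{{nextcloud_domain}}"
    creates: "/var/www/{{nextcloud_domain}}/config/config.php"
  when: download.changed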
# Drop every line of config.php that matches 'config_is_read_only' so the occ
# calls below can write to the config. The "write-lock config" task sets the
# flag again at the end. Never reported as changed.
- name: write-unlock config
  become_user: "www-data"
  become: true
  changed_when: false
  lineinfile:
    state: absent
    regexp: 'config_is_read_only'
    path: "/var/www/{{nextcloud_domain}}/config/config.php"
# Run the Nextcloud upgrade routine as www-data from the webroot.
# Reported as changed unless occ says the instance is already up to date.
- name: finish nextcloud upgrade by running occ upgrade
  become_user: "www-data"
  become: true
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ upgrade'
  # script_res is reused by the following tasks; each one overwrites it
  register: script_res
  changed_when: "'Nextcloud is already latest version' not in script_res.stdout"
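# Set trusted_domains index 0 ('localhost') and index 1 (the vhost domain).
# The leading echo prints the previous value as "prev-<value>-"; it is only
# used by the disabled changed_when below, so the task always reports "ok".
- name: ensure trusted domains are set
  become: true
  become_user: "www-data"
  # item.0 is the integer index produced by with_indexed_items. item.1 goes
  # through the quote filter so it reaches occ as one literal argument; inside
  # plain double quotes the shell would still expand $, backticks and ".
  shell: 'echo "prev-$(php --define apc.enable_cli=1 occ config:system:get trusted_domains {{ item.0 }})-"; php --define apc.enable_cli=1 occ config:system:set trusted_domains {{ item.0 }} --value {{ item.1 | quote }}'
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  register: script_res
  # disabled change detection, kept for reference:
#  changed_when: "'prev-{{item.1}}-' not in script_res.stdout"
  changed_when: false
  with_indexed_items:
    - 'localhost'
    - "{{nextcloud_domain}}"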
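# Install every app listed in nextcloud_installed_apps.
# "|| true" makes this best-effort: any non-zero exit from occ is ignored, so
# a failed install is not reported by this task.
- name: install apps
  become: true
  become_user: "www-data"
  # The app id is passed through the quote filter so it reaches occ as one
  # literal argument instead of being expanded by the shell.
  shell: 'php --define apc.enable_cli=1 occ app:install -- {{ item | quote }} || true'
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  register: script_res
  # disabled change detection, kept for reference:
#  changed_when: "'{{item}} already installed' not in script_res.stdout"
  changed_when: false
  with_items:
    - "{{nextcloud_installed_apps}}"
  tags: "online"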
# Post-upgrade database fix-up: add columns the schema is missing.
# Reported as changed when occ prints 'Adding'.
- name: finish nextcloud upgrade by running occ db:add-missing-columns
  become_user: "www-data"
  become: true
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ db:add-missing-columns'
  register: script_res
  changed_when: "'Adding' in script_res.stdout"
# Post-upgrade database fix-up: add indices the schema is missing.
# Reported as changed when occ prints 'Adding'.
- name: finish nextcloud upgrade by running occ db:add-missing-indices
  become_user: "www-data"
  become: true
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ db:add-missing-indices'
  register: script_res
  changed_when: "'Adding' in script_res.stdout"
# Post-upgrade database fix-up: add primary keys the schema is missing.
# Reported as changed when occ prints 'Adding'.
- name: finish nextcloud upgrade by running occ db:add-missing-primary-keys
  become_user: "www-data"
  become: true
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ db:add-missing-primary-keys'
  register: script_res
  changed_when: "'Adding' in script_res.stdout"
# Run the repair steps, including the expensive ones, after the upgrade.
# NOTE(review): change detection reuses the 'Adding' match from the
# db:add-missing-* tasks; whether repair prints that word is not visible
# here - confirm, otherwise this task never reports a change.
- name: finish nextcloud upgrade by running occ maintenance:repair --include-expensive
  become_user: "www-data"
  become: true
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ maintenance:repair --include-expensive'
  register: script_res
  changed_when: "'Adding' in script_res.stdout"
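# Failcloud expects an unsafe config-key behavior.
# Therefore we must use
#   shell: 'echo "prev-$(php occ config:system:get {{ item.key }})-"; php occ config:system:set $(echo -n "{{ item.key }}" ) --value "{{ item.value }}"'
# instead of
#   shell: 'echo "prev-$(php occ config:system:get {{ item.key }})-"; php occ config:system:set "{{ item.key }}" --value "{{ item.value }}"'
#
# The unquoted $(echo -n ...) lets the shell split the key into separate words
# before occ sees it; that part is deliberate and stays as it was.
# Only the value is hardened: it goes through the quote filter so that $,
# backticks or quote characters in a config value are passed to occ literally
# instead of being expanded by the shell.
- name: apply config options
  become: true
  become_user: "www-data"
  shell: 'echo "prev-$(php --define apc.enable_cli=1 occ config:system:get {{ item.key }})-"; php --define apc.enable_cli=1 occ config:system:set $(echo -n "{{ item.key }}" ) --value {{ item.value | quote }}'
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  register: script_res
  # disabled change detection, kept for reference:
#  changed_when: "'prev-{{item.value}}-' not in script_res.stdout"
  changed_when: false
  # The per-domain option list; the key is still shell-interpreted, so it must
  # only ever come from the operator's own inventory.
  with_items:
    - "{{nextcloud_config_options[nextcloud_domain]}}"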
# Set config_is_read_only again once all occ changes are applied; this is the
# counterpart of the "write-unlock config" task. Never reported as changed.
- name: write-lock config
  become_user: "www-data"
  become: true
  changed_when: false
  args:
    chdir: "/var/www/{{nextcloud_domain}}"
  shell: 'php --define apc.enable_cli=1 occ config:system:set config_is_read_only --value true'
# Install the templated systemd unit for the Nextcloud cron job. The first
# existing candidate wins: host override, group override, "all" override, then
# the role default. The unit is root-owned and not writable by anyone else.
- name: copy nextcloud-cron@.service to /etc/systemd/system/
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nextcloud-cron@.service"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nextcloud-cron@.service"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nextcloud-cron@.service"
    - "default/nextcloud-cron@.service"
  copy:
    src: "{{item}}"
    dest: "/etc/systemd/system/nextcloud-cron@.service"
    owner: "root"
    group: "root"
    mode: "0644"
# Install the templated systemd timer that triggers the cron unit. Candidate
# order is the same as for the service file: host, group, "all", role default.
- name: copy nextcloud-cron@.timer to /etc/systemd/system/
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nextcloud-cron@.timer"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nextcloud-cron@.timer"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nextcloud-cron@.timer"
    - "default/nextcloud-cron@.timer"
  copy:
    src: "{{item}}"
    dest: "/etc/systemd/system/nextcloud-cron@.timer"
    owner: "root"
    group: "root"
    mode: "0644"
# Hand the per-domain timer instance to the shared systemd helper role.
- name: reload, enable and start nextcloud-cron@.timer.
  vars:
    service_name: "nextcloud-cron@{{nextcloud_domain}}.timer"
  include_role:
    name: "base/systemd/enable-and-start"