2martens/uberspace-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added new role

Browse Source
This commit is contained in:
Jim Martens
2021-11-02 21:48:41 +01:00
parent 193eae637f
commit 30d3cf835d
26 changed files with 328 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/nextcloud/defaults/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
phone_region: DE
use_sendmail: yes

3
roles/nextcloud/handlers/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
- name: restart notify_push
ansible.builtin.command: supervisorctl restart notify_push

4
roles/nextcloud/meta/main.yml Normal file
View File

@ -0,0 +1,4 @@
---
dependencies:
- role: common
- role: redis

41
roles/nextcloud/tasks/apps.yml Normal file
View File

@ -0,0 +1,41 @@
---
- name: install notify_push
block:
- name: install app
ansible.builtin.command:
chdir: ~/html
cmd: php occ app:install notify_push
- name: set permissions
ansible.builtin.file:
path: ~/html/apps/notify_push/x86_64/notify_push
mode: 0744
- name: create symlink
ansible.builtin.file:
path: ~/bin/notify_push
src: ~/html/apps/notify_push/x86_64/notify_push
state: link
- name: create service
ansible.builtin.template:
src: notify_push_service.j2
dest: ~/etc/services.d/notify_push.ini
mode: 0644
notify:
- reload supervisorctl
- update supervisorctl
- name: get backend list
ansible.builtin.command: uberspace web backend list
register: backends
- name: add backend
when: backend.stdout.find('http:7867') == -1
ansible.builtin.command: uberspace web backend set /push --http --port 7867
- name: get ip route
ansible.builtin.command: ip route
register: ip
- name: set trusted proxies
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set trusted_proxies 0 --value="{{ ip.stdout.split().8 }}"
- name: configure notify_push app with backend
ansible.builtin.command:
chdir: ~/html
cmd: php occ notify_push:setup https://{{ domain }}/push

90
roles/nextcloud/tasks/config.yml Normal file
View File

@ -0,0 +1,90 @@
---
- name: configure email
when: use_sendmail
block:
- name: mail_domain
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set mail_domain --value="uber.space"
- name: mail_from_address
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set mail_from_address --value="{{ uberspace_user }}"
- name: smtp_mode
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set mail_smtpmode --value="sendmail"
- name: sendmail_mode
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set mail_sendmailmode --value="pipe"
- name: initialize URL rewriting
block:
- name: rewrite base
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set htaccess.RewriteBase --value='/'
- name: update htaccess
ansible.builtin.command:
chdir: ~/html
cmd: php occ maintenance:update:htaccess
- name: initialize cronjob
block:
- name: update crontab
ansible.builtin.cron:
name: nextcloud-cron
state: present
job: php -f $HOME/html/cron.php > $HOME/logs/nextcloud-cron.log 2>&1
minute: */5
- name: use cronjob for background
ansible.builtin.command:
chdir: ~/html
cmd: php occ background:cron
- name: set up redis
block:
- name: set redis host
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set redis host --value="/home/{{ uberspace_user }}/.redis/sock"
- name: set redis port
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set redis port --value=0
- name: set redis timeout
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set redis port --value=1.5
- name: enable file locking
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set filelocking.enabled --value='true'
- name: use Redis for memcache.locking
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set memcache.locking --value='\OC\Memcache\Redis'
- name: use Redis for memcache.distributed
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set memcache.distributed --value='\OC\Memcache\Redis'
- name: set default phone region
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set default_phone_region --value='{{ phone_region }}'
- name: perform database maintenance
block:
- name: add missing indices
ansible.builtin.command:
chdir: ~/html
cmd: php occ db:add-missing-indices --no-interaction
- name: add missing columns
ansible.builtin.command:
chdir: ~/html
cmd: php occ db:add-missing-columns --no-interaction
- name: add missing primary keys
ansible.builtin.command:
chdir: ~/html
cmd: php occ db:add-missing-primary-keys --no-interaction
- name: convert filecache bigint
ansible.builtin.command:
chdir: ~/html
cmd: php occ db:convert-filecache-bigint --no-interaction

17
roles/nextcloud/tasks/download.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: download Nextcloud and extract archive
ansible.builtin.unarchive:
src: https://download.nextcloud.com/server/releases/latest.tar.bz2
dest: ~/
remote_src: yes
creates: ~/nextcloud
register: nextcloud_archive
- name: copy files to web root
ansible.builtin.copy:
src: ~/nextcloud/
dest: ~/html
remote_src: yes
- name: remove nocontent.html
ansible.builtin.file:
path: ~/html/nocontent.html
state: absent

8
roles/nextcloud/tasks/main.yml Normal file
View File

@ -0,0 +1,8 @@
---
- include: php.yml
- include: download.yml
- include: mysql.yml
- include: setup.yml
- include: config.yml
- include: apps.yml
- include: prepare_updates.yml

4
roles/nextcloud/tasks/mysql.yml Normal file
View File

@ -0,0 +1,4 @@
---
- name: create MySQL database
community.mysql.mysql_db:
name: {{ uberspace_user }}_nextcloud

29
roles/nextcloud/tasks/php.yml Normal file
View File

@ -0,0 +1,29 @@
---
- name: enable PHP opcache
ansible.builtin.template:
src: opcache.j2
dest: ~/etc/php.d/opcache.ini
mode: 0644
notify:
- restart php
- name: enable PHP APCu
ansible.builtin.template:
src: apcu.j2
dest: ~/etc/php.d/apcu.ini
mode: 0644
notify:
- restart php
- name: set PHP memory limit to 512 MB
ansible.builtin.template:
src: memory_limit.j2
dest: ~/etc/php.d/memory_limit.ini
mode: 0644
notify:
- restart php
- name: disable PHP output buffering
ansible.builtin.template:
src: output_buffering.j2
dest: ~/etc/php.d/output_buffering.ini
mode: 0644
notify:
- restart php

12
roles/nextcloud/tasks/prepare_updates.yml Normal file
View File

@ -0,0 +1,12 @@
---
- name: create update script
ansible.builtin.template:
src: update.j2
dest: ~/bin/nextcloud-update
mode: 0744
- name: create cronjob for updates
ansible.builtin.cron:
name: nextcloud-update
state: present
job: $HOME/bin/nextcloud-update > $HOME/logs/nextcloud-update.log 2>&1
special_time: daily

26
roles/nextcloud/tasks/setup.yml Normal file
View File

@ -0,0 +1,26 @@
---
- name: run installation script
ansible.builtin.command:
chdir: ~/html
cmd: php occ maintenance:install --admin-user "{{ nextcloud_admin_user }}" --admin-pass "{{ nextcloud_admin_password }}" --database 'mysql' --database-name "{{ uberspace_user }}_nextcloud" --database-user "{{ uberspace_user }}" --database-pass "{{ mysql_password }}" --data-dir "/home/{{ uberspace_user }}/nextcloud_data"
creates: ~/nextcloud_data
- name: set domain as trusted
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set trusted_domains 0 --value="{{ domain }}"
- name: set domain as overwrite cli url
ansible.builtin.command:
chdir: ~/html
cmd: php occ config:system:set overwrite.cli.url --value="https://{{ domain }}"
- name: create symlinks for logs
block:
- name: symlink for nextcloud log
ansible.builtin.file:
path: ~/logs/nextcloud.log
src: ~/nextcloud_data/nextcloud.log
state: link
- name: symlink for nextcloud updater log
ansible.builtin.file:
path: ~/logs/nextcloud-updater.log
src: ~/nextcloud_data/updater.log
state: link

1
roles/nextcloud/templates/apcu.j2 Normal file
View File

@ -0,0 +1 @@
apc.enable_cli=1

1
roles/nextcloud/templates/memory_limit.j2 Normal file
View File

@ -0,0 +1 @@
memory_limit=512M

4
roles/nextcloud/templates/notify_push_service.j2 Normal file
View File

@ -0,0 +1,4 @@
[program:notify_push]
command=notify_push %(ENV_HOME)s/html/config/config.php
autostart=yes
autorestart=yes

7
roles/nextcloud/templates/opcache.j2 Normal file
View File

@ -0,0 +1,7 @@
opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

1
roles/nextcloud/templates/output_buffering.j2 Normal file
View File

@ -0,0 +1 @@
output_buffering=off

23
roles/nextcloud/templates/update.j2 Normal file
View File

@ -0,0 +1,23 @@
#!/usr/bin/env bash
## Updater automatically works in maintenance:mode.
## Use the Uberspace backup system for files and database if you need to roll back.
## The Nextcloud updater creates backups only to safe base and app code data and config files
## so it takes ressources you might need for your productive data.
## Deactivate NC-updater Backups with --no-backup (works from 19.0.4, 18.0.10 and 17.0.10)
php ~/html/updater/updater.phar -vv --no-backup --no-interaction
## re-enable maintenance mode for occ commands
php ~/html/occ maintenance:mode --on
## database optimisations
php ~/html/occ db:add-missing-primary-keys --no-interaction
php ~/html/occ db:add-missing-columns --no-interaction
php ~/html/occ db:add-missing-indices --no-interaction
php ~/html/occ db:convert-filecache-bigint --no-interaction
php ~/html/occ app:update --all
php ~/html/occ maintenance:mode --off
/usr/sbin/restorecon -R ~/html
## If you have set up the notify_push service uncomment the following line by removing the #
supervisorctl restart notify_push