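---
# tasks file for nextcloud
#
# Lays out /home/<docker_user>/nextcloud (nginx.conf, docker-compose.yml, env
# files), starts the stack with docker-compose, then configures the running
# instance through `occ` inside the nextcloud-app container.
#
# Security notes for maintainers:
# - db.env, nextcloud.env, redis.env and restic-compose-backup.env are written
#   with credentials in plaintext (mode 0640, owner/group docker_user). The
#   tasks that write them set `no_log: true` so the rendered content does not
#   end up in task output or `--diff` output.
# - NOTE(review): where the password variables come from is not visible in this
#   file; they should be supplied from an encrypted source (e.g. Ansible Vault)
#   rather than plain inventory — confirm.

# No explicit `mode` here: the directory permissions follow the remote umask.
# NOTE(review): this directory later holds the credential env files; consider
# pinning a mode once it is confirmed what needs to traverse it.
- name: Ensure nextcloud config directory exists
  file:
    path: /home/{{ docker_user }}/nextcloud
    state: directory
    owner: '{{ docker_user }}'
    group: '{{ docker_user }}'

- name: Provide nginx.conf
  copy:
    src: nginx.conf
    dest: /home/{{ docker_user }}/nextcloud/nginx.conf
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0644'

- name: Ensure database utils scripts directory exists
  file:
    path: /home/{{ docker_user }}/nextcloud/utils
    state: directory
    owner: '{{ docker_user }}'
    group: '{{ docker_user }}'

- name: Provide database utils scripts
  copy:
    src: "{{ item }}"
    dest: /home/{{ docker_user }}/nextcloud/utils/
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0644'
  loop: "{{ nextcloud_database_utils }}"
  when:
    - nextcloud_database_utils is defined
    - nextcloud_database_utils | length > 0

- name: Provide docker-compose.yml
  template:
    src: templates/docker-compose.nextcloud.yml.j2
    dest: /home/{{ docker_user }}/nextcloud/docker-compose.yml
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0644'

# Read-only dump of the rendered compose file for troubleshooting.
# `command` is enough (no shell features are used) and the task never changes
# the host, so it is reported as unchanged.
# NOTE(review): the template is not visible here; if it ever embeds secrets
# directly, this task and the debug below would print them to the play output.
- name: Output docker-compose.yml
  command: cat /home/{{ docker_user }}/nextcloud/docker-compose.yml
  register: output
  changed_when: false

- name: Show rendered docker-compose.yml
  debug:
    var: output

# The env files below contain credentials; no_log keeps the rendered content
# (and its diff) out of logs and callback output.
- name: Provide database env vars
  copy:
    dest: /home/{{ docker_user }}/nextcloud/db.env
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0640'
    content: |
      # See https://github.com/docker-library/mariadb/issues/262
      MYSQL_INITDB_SKIP_TZINFO=1
      MYSQL_ROOT_PASSWORD={{ mariadb_root_password }}
      MYSQL_DATABASE={{ mysql_database }}
      MYSQL_PASSWORD={{ nextcloud_mariadb_password }}
      MYSQL_USER={{ nextcloud_mariadb_user }}
  no_log: true

- name: Provide Nextcloud env vars
  copy:
    dest: /home/{{ docker_user }}/nextcloud/nextcloud.env
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0640'
    content: |
      VIRTUAL_HOST={{ virtual_host }}
      LETSENCRYPT_HOST={{ letsencrypt_host }}
      LETSENCRYPT_EMAIL={{ letsencrypt_email }}
      MYSQL_HOST={{ mysql_host }}
      MYSQL_DATABASE={{ mysql_database }}
      MYSQL_PASSWORD={{ nextcloud_mariadb_password }}
      MYSQL_USER={{ nextcloud_mariadb_user }}
      NEXTCLOUD_ADMIN_USER={{ nextcloud_admin_user }}
      NEXTCLOUD_ADMIN_PASSWORD={{ nextcloud_admin_password }}
      NEXTCLOUD_TRUSTED_DOMAINS={{ nextcloud_trusted_domains }}
      SMTP_HOST={{ smtp_host }}
      SMTP_SECURE={{ smtp_secure }}
      SMTP_PORT={{ smtp_port }}
      SMTP_AUTHTYPE={{ smtp_authtype }}
      SMTP_NAME={{ smtp_name }}
      SMTP_PASSWORD={{ smtp_password }}
      MAIL_FROM_ADDRESS={{ mail_from_address }}
      MAIL_DOMAIN={{ mail_domain }}
      REDIS_HOST=redis
      REDIS_HOST_PASSWORD={{ redis_host_password }}
  no_log: true

- name: Provide Redis env vars
  copy:
    dest: /home/{{ docker_user }}/nextcloud/redis.env
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0640'
    content: |
      REDIS_PASSWORD={{ redis_host_password }}
  no_log: true

# Holds the object-store access key pair and the restic repository password.
- name: Provide restic-compose-backup env vars
  copy:
    dest: /home/{{ docker_user }}/nextcloud/restic-compose-backup.env
    owner: "{{ docker_user }}"
    group: "{{ docker_user }}"
    mode: '0640'
    content: |
      AWS_ACCESS_KEY_ID={{ restic_aws_access_key_id }}
      AWS_SECRET_ACCESS_KEY={{ restic_aws_secret_access_key }}
      RESTIC_REPOSITORY={{ restic_repository }}
      RESTIC_PASSWORD={{ restic_password }}
      # snapshot prune rules
      RESTIC_KEEP_DAILY={{ restic_keep_daily }}
      RESTIC_KEEP_WEEKLY={{ restic_keep_weekly }}
      RESTIC_KEEP_MONTHLY={{ restic_keep_monthly }}
      RESTIC_KEEP_YEARLY={{ restic_keep_yearly }}
      # Cron schedule. Run every day at 1am
      CRON_SCHEDULE="{{ restic_cron_schedule }}"
  no_log: true
  # `| bool` instead of `== true` so string values such as "true" also match.
  when: nextcloud_enable_restic_compose_backup | bool

# Tagged `never`: only runs when the `teardown` tag is requested explicitly.
- name: "docker-compose: Teardown existing Nextcloud service"
  docker_compose:
    project_src: "/home/{{ docker_user }}/nextcloud/"
    state: absent
  tags: ['never', 'teardown']

- name: "docker-compose: Start Nextcloud service"
  docker_compose:
    project_src: "/home/{{ docker_user }}/nextcloud/"
    pull: true
  register: output
  tags: service_start

- name: Show docker-compose start result
  debug:
    var: output

- name: Assert that the app and web containers are running
  assert:
    that:
      - "output.services['nextcloud-app']['nextcloud-app'].state.running"
      - "output.services['web']['nextcloud_web_1'].state.running"

- name: Get container IP
  set_fact:
    nextcloud_ip: "{{ output.services['web']['nextcloud_web_1'].networks.nextcloud_default.IPAddress }}"

- name: "Waiting for Nextcloud container to become available"
  become: false
  wait_for:
    host: "{{ nextcloud_ip }}"
    port: 80

- name: "docker-compose: Enable maintenance mode using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ maintenance:mode --on'

# NOTE(review): in this and the following occ tasks the templated value is
# pasted into a command string that is parsed by the host shell and again by
# /bin/sh inside the container. A value containing quote characters or shell
# metacharacters changes the command that runs, so these variables must only
# come from trusted inventory; validating them (or passing them as positional
# arguments to `sh -c`) would remove that dependency.
- name: "docker-compose: Set overwriteprotocol using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set overwriteprotocol --value="{{ nextcloud_overwrite_protocol }}"'

- name: "docker-compose: Set overwrite.cli.url using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set overwrite.cli.url --value="{{ nextcloud_overwrite_cli_url }}"'

- name: "docker-compose: Set overwritehost using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set overwritehost --value="{{ nextcloud_overwrite_host }}"'

# One occ call per proxy; the loop index becomes the array position in
# trusted_proxies. Entries left over from an earlier, longer list are not
# removed by this task.
- name: "docker-compose: Set trusted_proxies using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set trusted_proxies {{ idx }} --value="{{ item }}"'
  loop: "{{ nextcloud_trusted_proxies }}"
  loop_control:
    index_var: idx

# Runs as root inside the container; all other occ tasks run as www-data.
- name: "docker-compose: Fix ownership of /var/www/html"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: "docker-compose exec -T --user root nextcloud-app /bin/sh -c 'chown -R www-data: /var/www/html'"

# failed_when: false makes this best effort; the registered result is printed
# by the next task so failures stay visible.
- name: "docker-compose: Install Nextcloud apps (will not fail)"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ app:install "{{ item }}"'
  loop: "{{ nextcloud_app_list_to_install }}"
  # Boolean comparison, matching the other list guards in this file.
  when: nextcloud_app_list_to_install | length > 0
  failed_when: false
  register: nextcloud_app_install_result

# `var` takes a variable name, not a templated value.
- name: "Output app install result"
  debug:
    var: nextcloud_app_install_result

- name: "docker-compose: Set default_phone_region using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set default_phone_region --value="{{ nextcloud_default_phone_region }}"'

- name: "docker-compose: Set maintenance_window_start to 1 using occ (This will run maintenance tasks between 01:00-05:00 UTC)"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ config:system:set maintenance_window_start --value=1 --type=integer'

- name: "docker-compose: Add missing indices using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ db:add-missing-indices'

- name: "docker-compose: Run maintenance:repair --include-expensive using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ maintenance:repair --include-expensive'

# Executes each configured script from /opt/utils inside the mysqldb container.
# NOTE(review): presumably the compose template mounts the utils directory
# copied above at /opt/utils — confirm against the template.
- name: "docker-compose: Run database utils"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T mysqldb /bin/sh '/opt/utils/{{ item }}'
  loop: "{{ nextcloud_database_utils }}"
  when:
    - nextcloud_database_utils is defined
    - nextcloud_database_utils | length > 0

- name: "docker-compose: Disable maintenance mode using occ"
  shell:
    chdir: /home/{{ docker_user }}/nextcloud/
    cmd: docker-compose exec -T -u www-data nextcloud-app /bin/sh -c './occ maintenance:mode --off'

# Requested from the control node (delegate_to: localhost), i.e. through the
# public URL rather than the container address.
# An explicit `until` is given because Ansible releases differ in how they
# treat `retries` without one.
- name: "Test whether Nextcloud is healthy from the outside"
  when: not ansible_check_mode
  become: false
  uri:
    url: "{{ nextcloud_overwrite_cli_url }}/login"
  register: url_check
  until: url_check is succeeded
  delegate_to: localhost
  retries: 5
  delay: 10
  tags: health

# Tagged `never`: only printed when the `debug` tag is requested explicitly.
- name: Show health check result
  debug:
    var: url_check
  tags:
    - never
    - debug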