Jan Beilicke
d860a9c086
Streaming videos had been a pain with the default Nextcloud Docker image which uses Apache. This PR will replace that Docker image with Nextcloud 27 FPM and provides an Nginx to serve the app. Additionally, with moving from the latest Nextcloud (-Apache) image to a pinned version, it will be way clearer, which version is about to be deployed, major upgrades have to be done consciously and without skipping major versions which Nextcloud does not support. Co-authored-by: Jan Beilicke <dev@jotbe.io> Reviewed-on: #2
153 lines
4.9 KiB
YAML
153 lines
4.9 KiB
YAML
---
|
|
# tasks file for nextcloud
|
|
- name: Ensure nextcloud config directory exists
|
|
file:
|
|
path: /home/{{ docker_user }}/nextcloud
|
|
state: directory
|
|
owner: '{{ docker_user }}'
|
|
group: '{{ docker_user }}'
|
|
|
|
- name: Provide nginx.conf
|
|
copy:
|
|
src: nginx.conf
|
|
dest: /home/{{ docker_user }}/nextcloud/nginx.conf
|
|
owner: "{{ docker_user }}"
|
|
group: "{{ docker_user }}"
|
|
mode: '0644'
|
|
|
|
- name: Provide docker-compose.yml
|
|
template:
|
|
src: templates/docker-compose.nextcloud.yml.j2
|
|
dest: /home/{{ docker_user }}/nextcloud/docker-compose.yml
|
|
owner: "{{ docker_user }}"
|
|
group: "{{ docker_user }}"
|
|
mode: '0644'
|
|
|
|
- name: Output docker-compose.yml
|
|
shell: cat /home/{{ docker_user }}/nextcloud/docker-compose.yml
|
|
register: output
|
|
|
|
- debug:
|
|
var: output
|
|
|
|
- name: Provide database env vars
|
|
copy:
|
|
dest: /home/{{ docker_user }}/nextcloud/db.env
|
|
owner: "{{ docker_user }}"
|
|
group: "{{ docker_user }}"
|
|
mode: '0640'
|
|
content: |
|
|
# See https://github.com/docker-library/mariadb/issues/262
|
|
MYSQL_INITDB_SKIP_TZINFO=1
|
|
MYSQL_ROOT_PASSWORD={{ mariadb_root_password }}
|
|
MYSQL_DATABASE={{ mysql_database }}
|
|
MYSQL_PASSWORD={{ nextcloud_mariadb_password }}
|
|
MYSQL_USER={{ nextcloud_mariadb_user }}
|
|
|
|
- name: Provide Nextcloud env vars
|
|
copy:
|
|
dest: /home/{{ docker_user }}/nextcloud/nextcloud.env
|
|
owner: "{{ docker_user }}"
|
|
group: "{{ docker_user }}"
|
|
mode: '0640'
|
|
content: |
|
|
VIRTUAL_HOST={{ virtual_host }}
|
|
LETSENCRYPT_HOST={{ letsencrypt_host }}
|
|
LETSENCRYPT_EMAIL={{ letsencrypt_email }}
|
|
MYSQL_HOST={{ mysql_host }}
|
|
MYSQL_DATABASE={{ mysql_database }}
|
|
MYSQL_PASSWORD={{ nextcloud_mariadb_password }}
|
|
MYSQL_USER={{ nextcloud_mariadb_user }}
|
|
NEXTCLOUD_ADMIN_USER={{ nextcloud_admin_user }}
|
|
NEXTCLOUD_ADMIN_PASSWORD={{ nextcloud_admin_password }}
|
|
NEXTCLOUD_TRUSTED_DOMAINS={{ nextcloud_trusted_domains }}
|
|
SMTP_HOST={{ smtp_host }}
|
|
SMTP_SECURE={{ smtp_secure }}
|
|
SMTP_PORT={{ smtp_port }}
|
|
SMTP_AUTHTYPE={{ smtp_authtype }}
|
|
SMTP_NAME={{ smtp_name }}
|
|
SMTP_PASSWORD={{ smtp_password }}
|
|
MAIL_FROM_ADDRESS={{ mail_from_address }}
|
|
MAIL_DOMAIN={{ mail_domain }}
|
|
|
|
- name: Provide restic-compose-backup env vars
|
|
copy:
|
|
dest: /home/{{ docker_user }}/nextcloud/restic-compose-backup.env
|
|
owner: "{{ docker_user }}"
|
|
group: "{{ docker_user }}"
|
|
mode: '0640'
|
|
content: |
|
|
AWS_ACCESS_KEY_ID={{ restic_aws_access_key_id }}
|
|
AWS_SECRET_ACCESS_KEY={{ restic_aws_secret_access_key }}
|
|
RESTIC_REPOSITORY={{ restic_repository }}
|
|
RESTIC_PASSWORD={{ restic_password }}
|
|
# snapshot prune rules
|
|
RESTIC_KEEP_DAILY={{ restic_keep_daily}}
|
|
RESTIC_KEEP_WEEKLY={{ restic_keep_weekly }}
|
|
RESTIC_KEEP_MONTHLY={{ restic_keep_monthly }}
|
|
RESTIC_KEEP_YEARLY={{ restic_keep_yearly }}
|
|
# Cron schedule. Run every day at 1am
|
|
CRON_SCHEDULE="{{ restic_cron_schedule }}"
|
|
when: nextcloud_enable_restic_compose_backup == true
|
|
|
|
- name: "docker-compose: Teardown existing Nextcloud service"
|
|
docker_compose:
|
|
project_src: "/home/{{ docker_user }}/nextcloud/"
|
|
state: absent
|
|
tags: ['never', 'teardown']
|
|
|
|
- name: "docker-compose: Start Nextcloud service"
|
|
docker_compose:
|
|
project_src: "/home/{{ docker_user }}/nextcloud/"
|
|
register: output
|
|
tags: service_start
|
|
|
|
- debug:
|
|
var: output
|
|
|
|
- assert:
|
|
that:
|
|
- "output.services['nextcloud-app']['nextcloud-app'].state.running"
|
|
- "output.services['web']['nextcloud_web_1'].state.running"
|
|
|
|
- name: Get container IP
|
|
set_fact:
|
|
nextcloud_ip: "{{ output.services['web']['nextcloud_web_1'].networks.nextcloud_default.IPAddress }}"
|
|
|
|
- name: "Waiting for Nextcloud container to become available"
|
|
become: false
|
|
wait_for:
|
|
host: "{{ nextcloud_ip }}"
|
|
port: 80
|
|
|
|
- name: "docker-compose: Set overwriteprotocol using occ"
|
|
shell:
|
|
chdir: /home/{{ docker_user }}/nextcloud/
|
|
cmd: docker-compose exec -T -u www-data nextcloud-app /bin/bash -c './occ config:system:set overwriteprotocol --value="{{ nextcloud_overwrite_protocol }}"'
|
|
|
|
- name: "docker-compose: Set overwrite.cli.url using occ"
|
|
shell:
|
|
chdir: /home/{{ docker_user }}/nextcloud/
|
|
cmd: docker-compose exec -T -u www-data nextcloud-app /bin/bash -c './occ config:system:set overwrite.cli.url --value="{{ nextcloud_overwrite_cli_url }}"'
|
|
|
|
- name: "docker-compose: Set overwritehost using occ"
|
|
shell:
|
|
cmd: docker-compose exec -T -u www-data nextcloud-app /bin/bash -c './occ config:system:set overwritehost --value="{{ nextcloud_overwrite_host }}"'
|
|
chdir: /home/{{ docker_user }}/nextcloud/
|
|
|
|
- name: "Test whether Nextcloud is healthy from the outside"
|
|
when: not ansible_check_mode
|
|
become: false
|
|
uri:
|
|
url: "{{ nextcloud_overwrite_cli_url }}/login"
|
|
register: url_check
|
|
delegate_to: localhost
|
|
retries: 5
|
|
delay: 10
|
|
tags: health
|
|
|
|
- debug:
|
|
var: url_check
|
|
tags:
|
|
- never
|
|
- debug
|