playbook.yml
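---
# Deploys Nextcloud as a rootless (user-scope) Podman Quadlet service.
# The play itself runs unprivileged; only the firewalld task escalates to root.
# Variables not defined in this play (nc_admin_password, nc_trusted_domains,
# nc_trusted_proxies, nc_default_*) must be supplied by the caller.
# NOTE(review): nc_admin_password is a credential; presumably it comes from
# inventory or extra vars. Keep it in Ansible Vault rather than in plain text.
- name: Setup Nexcloud quadlet
  hosts: all
  become: false
  tasks:
    # Gathers the `services` fact used by the firewalld condition below.
    - name: Populate service facts
      ansible.builtin.service_facts:

    # Only runs when firewalld is present and running on the target.
    # NOTE(review): `permanent: true` without `immediate` changes only the
    # persistent configuration; the running firewall keeps its current rules
    # until firewalld is reloaded. No `zone` is given, so the default zone is
    # used. The page does not show which services listen on 8000/9000;
    # confirm both ports need to be reachable from outside the host.
    - name: Open ports in firewalld
      become: true
      become_user: root
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: true
        state: enabled
      loop:
        - 8000/tcp
        - 9000/tcp
      when:
        - services['firewalld.service'] is defined
        - services['firewalld.service']['state'] == 'running'

    # Generates two 20-character passwords without special characters.
    # no_log keeps the generated values out of task output and logs.
    - name: Create random strings
      ansible.builtin.set_fact:
        nc_db_root_password: "{{ lookup('community.general.random_string', special=false, length=20) }}"
        nc_db_password: "{{ lookup('community.general.random_string', special=false, length=20) }}"
      no_log: true

    # The three secret tasks use skip_existing, so a secret that already
    # exists is left untouched and the freshly generated value is discarded
    # on re-runs. no_log prevents the secret data from appearing in output.
    - name: Create a podman secret for the mysql db root password
      containers.podman.podman_secret:
        name: nextcloud-db-root-password
        state: present
        skip_existing: true
        data: "{{ nc_db_root_password }}"
      no_log: true

    - name: Create a podman secret for the mysql db password
      containers.podman.podman_secret:
        name: nextcloud-db-password
        state: present
        skip_existing: true
        data: "{{ nc_db_password }}"
      no_log: true

    - name: Create a podman secret for nextcloud admin user password
      containers.podman.podman_secret:
        name: nextcloud-admin-password
        state: present
        skip_existing: true
        data: "{{ nc_admin_password }}"
      no_log: true

    # NOTE(review): 0755 leaves db/, data/ and certs/ listable by other local
    # users. Tighter modes may be possible, but that depends on how the
    # containers map UIDs; confirm before changing.
    - name: Create the required directories
      ansible.builtin.file:
        path: "{{ item }}"
        state: directory
        mode: '0755'
      loop:
        - ~/.config
        - ~/.config/containers
        - ~/.config/containers/systemd
        - ~/.config/systemd
        - ~/.config/systemd/user
        - ~/storage
        - ~/storage/nextcloud
        - ~/storage/nextcloud/bin
        - ~/storage/nextcloud/certs
        - ~/storage/nextcloud/config
        - ~/storage/nextcloud/custom_apps
        - ~/storage/nextcloud/data
        - ~/storage/nextcloud/db
        - ~/storage/nextcloud/envoy
        - ~/storage/nextcloud/html
        - ~/storage/nextcloud/redis

    # Copies the local .config tree (unit and Quadlet files) into the home
    # directory of the connecting user.
    - name: Copy the systemd and Quadlet files
      ansible.builtin.copy:
        src: .config
        dest: ~/
        mode: '0644'

    # Installed executable (0755), unlike the configuration files below.
    - name: Copy files required for Nextcloud deployment
      ansible.builtin.copy:
        src: nextcloud/bin/lifecycle.sh
        dest: ~/storage/nextcloud/bin/lifecycle.sh
        mode: '0755'

    - name: Copy envoy config
      ansible.builtin.copy:
        src: nextcloud/envoy/nextcloud-envoy-config.yaml
        dest: ~/storage/nextcloud/envoy/nextcloud-envoy-config.yaml
        mode: '0644'

    - name: Touch redis-session.ini
      ansible.builtin.file:
        path: ~/storage/nextcloud/redis/redis-session.ini
        state: touch
        mode: '0644'

    # The environment file is deleted and recreated empty on every run, so
    # lines from a previous run never survive a change of variables.
    - name: Remove EnvironmentFile
      ansible.builtin.file:
        path: ~/storage/nextcloud/nextcloud.env
        state: absent

    - name: Touch EnvironmentFile
      ansible.builtin.file:
        path: ~/storage/nextcloud/nextcloud.env
        state: touch
        mode: '0644'

    # Each task below appends one KEY=VALUE line. Values are interpolated
    # verbatim, so every variable must be a single line of text.
    - name: Add REDIS_HOST=nextcloud-valkey env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: REDIS_HOST=nextcloud-valkey
        create: true

    # NOTE(review): trusted domains and trusted proxies decide which Host
    # headers and forwarding proxies Nextcloud accepts; keep both lists as
    # narrow as the deployment allows.
    - name: Add NC_TRUSTED_DOMAINS env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_TRUSTED_DOMAINS={{ nc_trusted_domains }}"
        create: true

    - name: Add NC_TRUSTED_PROXIES env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_TRUSTED_PROXIES={{ nc_trusted_proxies }}"
        create: true

    - name: Add NC_DEFAULT_LANGUAGE env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_DEFAULT_LANGUAGE={{ nc_default_language }}"
        create: true

    - name: Add NC_DEFAULT_PHONE_REGION env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_DEFAULT_PHONE_REGION={{ nc_default_phone_region }}"
        create: true

    - name: Add NC_DEFAULT_LOCALE env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_DEFAULT_LOCALE={{ nc_default_locale }}"
        create: true

    - name: Add NC_DEFAULT_TIMEZONE env
      ansible.builtin.lineinfile:
        path: ~/storage/nextcloud/nextcloud.env
        line: "NC_DEFAULT_TIMEZONE={{ nc_default_timezone }}"
        create: true

    # User-scope reload so the Quadlet files copied above are picked up.
    - name: Run daemon reload to make Quadlet create the service files
      ansible.builtin.systemd:
        scope: user
        daemon_reload: true

    # `restarted` restarts the pod on every run, not only when files changed.
    - name: Start the Nextcloud quadlet service
      ansible.builtin.systemd:
        name: nextcloud-pod
        scope: user
        state: restarted
        enabled: true

    - name: Start the Nextcloud cron timer
      ansible.builtin.systemd:
        name: nextcloud-cron.timer
        scope: user
        state: started
        enabled: true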